urlscan.io logo urlscan.io
SecurityTrails logo

www.e-rewards.com Open in urlscan Pro
2600:9000:211a:7000:3:68f9:62c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.e-rewards.com/contactus.do
Effective URL: https://www.e-rewards.com/contactus.do
Submission: On October 05 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 21 domains to perform 72 HTTP transactions. The main IP is 2600:9000:211a:7000:3:68f9:62c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.e-rewards.com. The Cisco Umbrella rank of the primary domain is 812927.
TLS certificate: Issued by Amazon on June 22nd 2022. Valid for: a year.
This is the only time www.e-rewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2600:9000:211... 16509 (AMAZON-02)
3 2600:9000:220... 16509 (AMAZON-02)
1 2 34.228.250.246 14618 (AMAZON-AES)
2 52.217.141.81 16509 (AMAZON-02)
1 108.138.34.14 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 16 52.222.214.73 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
1 108.138.7.27 16509 (AMAZON-02)
4 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.63 16509 (AMAZON-02)
1 52.222.137.209 16509 (AMAZON-02)
1 104.26.11.16 13335 (CLOUDFLAR...)
1 65.9.86.126 16509 (AMAZON-02)
2 52.207.46.48 14618 (AMAZON-AES)
1 7 104.103.77.186 16625 (AKAMAI-AS)
3 13.32.110.106 16509 (AMAZON-02)
1 18.66.112.15 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.205.216.121 14618 (AMAZON-AES)
72 26
10    2600:9000:211a:7000:3:68f9:62c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.e-rewards.com
3    2600:9000:2204:fa00:17:5070:d6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
darwin-assets.dynata.com
2    34.228.250.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-250-246.compute-1.amazonaws.com
goggles.mw.dynata.com
2    52.217.141.81 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
upp-public.s3.amazonaws.com
1    108.138.34.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-34-14.muc50.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
1    2a02:26f0:3500:58f::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
4    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
16    52.222.214.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-73.fra56.r.cloudfront.net
widget.freshworks.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.de
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    108.138.7.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-27.fra56.r.cloudfront.net
static.hotjar.com
4    2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net
script.hotjar.com
1    52.222.137.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-209.ams50.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
1    104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
1    65.9.86.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-126.ams1.r.cloudfront.net
vars.hotjar.com
2    52.207.46.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-46-48.compute-1.amazonaws.com
surveysupport.freshdesk.com
7    104.103.77.186 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-77-186.deploy.static.akamaitechnologies.com
c.evidon.com
3    13.32.110.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-106.vie50.r.cloudfront.net
nexus.ensighten.com
1    18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net
vc.hotjar.io
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    34.205.216.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-216-121.compute-1.amazonaws.com
l.evidon.com
Apex Domain
Subdomains		 Transfer
16 freshworks.com
widget.freshworks.com — Cisco Umbrella Rank: 25840
221 KB
10 evidon.com
c.evidon.com — Cisco Umbrella Rank: 1876
l.evidon.com — Cisco Umbrella Rank: 12022
42 KB
10 e-rewards.com
www.e-rewards.com — Cisco Umbrella Rank: 812927
272 KB
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3306
ka-f.fontawesome.com — Cisco Umbrella Rank: 6353
100 KB
5 dynata.com
darwin-assets.dynata.com — Cisco Umbrella Rank: 206019
goggles.mw.dynata.com — Cisco Umbrella Rank: 291486
37 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
209 KB
3 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3863
11 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 874
script.hotjar.com — Cisco Umbrella Rank: 1166
vars.hotjar.com — Cisco Umbrella Rank: 1268
69 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3900
366 B
2 freshdesk.com
surveysupport.freshdesk.com
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 955
34 B
2 gstatic.com
fonts.gstatic.com
46 KB
2 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
d10lpsik1i8c69.cloudfront.net
15 KB
2 amazonaws.com
upp-public.s3.amazonaws.com — Cisco Umbrella Rank: 405614
140 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3460
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
349 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3058
255 B
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 11805
746 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 479
17 KB
72 21
Domain Requested by
16 widget.freshworks.com 1 redirects www.e-rewards.com
widget.freshworks.com
10 www.e-rewards.com 1 redirects www.e-rewards.com
7 c.evidon.com 1 redirects www.e-rewards.com
c.evidon.com
4 ka-f.fontawesome.com d2wy8f7a9ursnm.cloudfront.net
www.e-rewards.com
4 www.googletagmanager.com www.e-rewards.com
www.googletagmanager.com
3 l.evidon.com
3 nexus.ensighten.com www.googletagmanager.com
nexus.ensighten.com
3 darwin-assets.dynata.com www.e-rewards.com
2 region1.analytics.google.com www.googletagmanager.com
2 surveysupport.freshdesk.com widget.freshworks.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 sessions.bugsnag.com d2wy8f7a9ursnm.cloudfront.net
2 fonts.gstatic.com fonts.googleapis.com
2 upp-public.s3.amazonaws.com www.e-rewards.com
2 goggles.mw.dynata.com 1 redirects www.e-rewards.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 vc.hotjar.io script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 settings.luckyorange.net d2wy8f7a9ursnm.cloudfront.net
1 d10lpsik1i8c69.cloudfront.net www.e-rewards.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.e-rewards.com
1 fonts.googleapis.com www.e-rewards.com
1 kit.fontawesome.com www.e-rewards.com
1 assets.adobedtm.com www.e-rewards.com
1 d2wy8f7a9ursnm.cloudfront.net www.e-rewards.com
72 27

This site contains links to these domains. Also see Links.

Domain
www.e-rewards.de
Subject Issuer Validity Valid
e-rewards.com
Amazon		 2022-06-22 -
2023-07-21		 a year crt.sh
*.dynata.com
Amazon		 2022-06-01 -
2023-06-30		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-12 -
2023-08-12		 a year crt.sh
*.freshworks.com
Amazon		 2022-07-26 -
2023-08-24		 a year crt.sh
*.mw.dynata.com
Amazon		 2022-06-27 -
2023-07-26		 a year crt.sh
*.freshdesk.com
Amazon		 2022-03-16 -
2023-04-14		 a year crt.sh
*.evidon.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-12 -
2023-04-12		 a year crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-10-12		 a year crt.sh
*.hotjar.io
Amazon		 2022-07-18 -
2023-08-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.e-rewards.com/contactus.do
Frame ID: 8EC79F4D99AAAA6403C0B5534797F595
Requests: 56 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/widget.js
Frame ID: 3EDBA6C266B819E86A4992E03CECC450
Requests: 11 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 25EC11FEC867763F935E71C7F89EE620
Requests: 1 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/static/media/styles.5fe92f64.css
Frame ID: E84AA51C8E31A1A83586A252AD85479C
Requests: 1 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/static/media/styles.fd05bbdf.css
Frame ID: 980D7F3D88284612BE917D80B67FC661
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paid Surveys Online | e-Rewards currency

Page URL History Show full URLs

  1. http://www.e-rewards.com/contactus.do HTTP 301
    https://www.e-rewards.com/contactus.do Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • c\.evidon\.com
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

72
Requests

96 %
HTTPS

46 %
IPv6

21
Domains

27
Subdomains

26
IPs

4
Countries

1202 kB
Transfer

3567 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.e-rewards.com/contactus.do HTTP 301
    https://www.e-rewards.com/contactus.do Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://goggles.mw.dynata.com/api/v1/upp/global.js HTTP 302
  • https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
Request Chain 16
  • https://widget.freshworks.com/widgets/73000000940.js HTTP 301
  • https://widget.freshworks.com/widgetBase/bootstrap.js
Request Chain 56
  • https://c.evidon.com/sitenotice/1696/e-rewards/settings.js HTTP 301
  • https://c.evidon.com/sitenotice/1696/e-rewards/settingsV2.js

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request contactus.do
www.e-rewards.com/
Redirect Chain
  • http://www.e-rewards.com/contactus.do
  • https://www.e-rewards.com/contactus.do
129 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
683d56d7dcaf63098ebb768af4f59bf2e8e95b41d29b6e603c48507acc1139a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 05 Oct 2022 05:57:43 GMT
etag
W/"7ebb3e6c9d72f23d3a9e6f6a9444c2e0"
last-modified
Fri, 23 Sep 2022 13:50:16 GMT
server
nginx/1.21.6
vary
Accept-Encoding
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
x-amz-cf-id
pNftyoq9Amo851llcL5VOJ15oTF7-f7fWCF5MV6ssZc9guqyIwZtBw==
x-amz-cf-pop
VIE50-C2
x-cache
Error from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:57:43 GMT
Location
https://www.e-rewards.com/contactus.do
Server
CloudFront
Via
1.1 2acbf12c17a7f7f2ed99463cb4024586.cloudfront.net (CloudFront)
X-Amz-Cf-Id
2TyjdqwUj_5gu80GYaXavw333ozy3R7-MGRgEs2SdLvMMeOPMW0WPw==
X-Amz-Cf-Pop
VIE50-C2
X-Cache
Redirect from cloudfront
style.css
www.e-rewards.com/blueprint/dist/stylesheets/ 		97 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/contactus.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:07:58 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.057; 0.001; 0.057
x-amz-cf-pop
VIE50-C2
age
86397
etag
"5f04637cf5e4a40ab10b9b2b455dda15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
content-length
16014
x-amz-cf-id
fatq56IAsG-n6ymw3XtvSnqnernVICl7zYYXLT0TLCBTUxDJG7zgLw==
default-content.css
www.e-rewards.com/blueprint/dist/stylesheets/layouts/default/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/stylesheets/layouts/default/default-content.css
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
702a1bce86e29766ac378801b60b23a8bd07c8e342ce074b60ea626e3e2a92a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/contactus.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:06:47 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.036; 0.001; 0.035
x-amz-cf-pop
VIE50-C2
age
86397
etag
"91f07fac9b17d801c73f4c564763ce88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
content-length
3467
x-amz-cf-id
5oU7IwkFeLejojTUFdR8iTebB67qqM2B6TTTiFb0Z0QKvjnEeRXMiw==
notFound.css
www.e-rewards.com/blueprint/dist/stylesheets/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/stylesheets/notFound.css
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
6f2ae750b8b91083fe462d13950001c71923cefae2e7a2c6a82e5e87b1b5cc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/contactus.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:06:49 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.037; 0.001; 0.036
x-amz-cf-pop
VIE50-C2
age
86397
etag
"4317edb9d606a5a0666dc3dc321498bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
content-length
850
x-amz-cf-id
Ai1mC1vYgGSXmspK-9HVpNzS0yxYtOkzxw5ofNz68oXlLFqksJxiMQ==
icons.js
www.e-rewards.com/blueprint/dist/common/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/common/icons.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
151747425d77e68d7139dc374ebb289ee1ddda7dea62727a93be1c91591bde2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/contactus.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:05:57 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.031; 0.003; 0.031
x-amz-cf-pop
VIE50-C2
age
86397
etag
"eef7012ca2d30429caa7f4bf34a7c397"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
4041
x-amz-cf-id
MoD8xXRRmk80EluBBDwQzhMgTpBcIsUBPFTGhkHTrCOMwfcKg5Sfbw==
eRewards.png
darwin-assets.dynata.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://darwin-assets.dynata.com/eRewards.png
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:fa00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
940814c81f66bbc6074e23d64a49d45c5946d3e93c5c6807dc6c30f52e99b690

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:50:55 GMT
via
1.1 196da8dbede310a18cd917665afeaa22.cloudfront.net (CloudFront)
last-modified
Wed, 18 Sep 2019 20:53:26 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
4010
etag
"e83a54d1881a6746694f1a237cc2c56d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
20996
x-amz-cf-id
m4W8B4Vy8axzwPrhBtVv0PHuYw835bMTw9DimIBhf8VtLImv7ptvBQ==
eRewards-mobile.png
darwin-assets.dynata.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://darwin-assets.dynata.com/eRewards-mobile.png
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:fa00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd1d48c6172c4a60339397890b7687cdcb03b45261d095304888c79e959714fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:51 GMT
via
1.1 196da8dbede310a18cd917665afeaa22.cloudfront.net (CloudFront)
last-modified
Mon, 23 Sep 2019 23:36:52 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
3174
etag
"a9b763f281d166afbf0777e5406ea6fd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6541
x-amz-cf-id
OwEttLFWaMCBwzizsy8I7bZkpiV4l5eXSKxPiRS8_ZzHJs5MoG4L1w==
global.js
upp-public.s3.amazonaws.com/upp-client/1.2.2/
Redirect Chain
  • https://goggles.mw.dynata.com/api/v1/upp/global.js
  • https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
66 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
HTTP/1.1
Server
52.217.141.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
98e192cd4c0c0ff6fe661f022c0569e05b824392f6b172a6b54ff3233d03837e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:57:45 GMT
Last-Modified
Sat, 23 Jul 2022 20:39:10 GMT
Server
AmazonS3
x-amz-request-id
VVBD3754D2EAQJ83
ETag
"2982ac4d3b11fae659fe262fe20ee1b0"
Content-Type
application/javascript
Cache-Control
max-age=2592000,public
Accept-Ranges
bytes
Content-Length
67331
x-amz-id-2
WnLBk3rBreQq14FBCkFGn6YxZIGCMzhcYUrtIRgtS6NVTImfWuYY3MFDlutnAbWklf0bcC/5ODQ=

Redirect headers

date
Wed, 05 Oct 2022 05:57:44 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/html; charset=utf-8
location
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
content-length
110
nectarCanvass2-global.js
www.e-rewards.com/blueprint/dist/packages/ 		617 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/packages/nectarCanvass2-global.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/contactus.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:06:36 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.060; 0.000; 0.060
x-amz-cf-pop
VIE50-C2
age
86397
etag
"09b41789e411461aee348f494eb899b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
138128
x-amz-cf-id
FxTsqecY2ha_LPnxJrm0423aLqm4Aryl8zlIhrxqlY_YK0W670mBlg==
defaultLayout.js
www.e-rewards.com/blueprint/dist/apps/defaultLayout/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/apps/defaultLayout/defaultLayout.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
c2e842ed394f4e7535d88f8bd20b33815df788674b008989512efb572ffedf61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/contactus.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:05:32 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.068; 0.000; 0.067
x-amz-cf-pop
VIE50-C2
age
86397
etag
"3a2c1410d291ac48982906a964c3d94b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
17933
x-amz-cf-id
9bdIxPLnMizr5B7kAWcncqFqrU4Fmv9swHQERSmfn83IXq_hZAlgXw==
layout.js
www.e-rewards.com/blueprint/dist/common/ 		2 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/common/layout.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e16b9816ecaf90056fe69adbef5506c6c014c03b4d17826f89f84d19a54ba68e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/contactus.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:05:57 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.033; 0.001; 0.033
x-amz-cf-pop
VIE50-C2
age
86397
etag
"6dcbca8f566059daf429d6ca34263053"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
608
x-amz-cf-id
1vm31Rvn3owXhqpHvQ8QTcjt6Vk77VQ4jkjjmNlBTS6ZyxQQ90GHIQ==
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-14.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 01:53:09 GMT
Content-Encoding
gzip
Via
1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
Last-Modified
Wed, 05 Feb 2020 15:23:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P2
Age
4680275
ETag
W/"e63788b8657ac52b3cdbb970e551c2a4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=315360000
Connection
keep-alive
X-Amz-Cf-Id
APyuDFOd9TRdsshY3QP6yqwO5hnQsUHda1gLq114N_vgAUdcRg3Adg==
launch-EN60fd1a01badf4e628a4115339e14d224.min.js
assets.adobedtm.com/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN60fd1a01badf4e628a4115339e14d224.min.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
75d814df063980d65abcc223a3c8313d4ebeba9435ddcd7b961cccdd1688539b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:44 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 14:52:00 GMT
server
AkamaiNetStorage
etag
"a052f8799a3143cef6b444e408015de8:1648651920.253085"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.e-rewards.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
16632
expires
Wed, 05 Oct 2022 06:57:44 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48438478-1
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b7d31b17b42f6e8ebc8fd72fdf1f97e951e67bdbc22d3517263ca992c79a3150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42379
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:57:44 GMT
b7da1dbf2d.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/b7da1dbf2d.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96683749d2c3d3d7bd41b1e8fe4ccb72fbdc6d31be4815741cb0c3a471ef3861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:44 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
31
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7553ebe938829244-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FvqHFKamuzhZ2gsVZOOB
campaign.js
darwin-assets.dynata.com/ 		68 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://darwin-assets.dynata.com/campaign.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:fa00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85b5e0ac186f64a05b6f8b95e5fb25e8706c05d7f8141449f769b153b11d9933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:41:01 GMT
content-encoding
gzip
via
1.1 196da8dbede310a18cd917665afeaa22.cloudfront.net (CloudFront)
last-modified
Mon, 28 Jun 2021 20:54:23 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
80243
x-amz-server-side-encryption
AES256
etag
W/"0d10bee3b51513c3019ffbd71f9045ee"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
HsrKXNJjquNZH4O-xxj9bQtoHp-J7nF0MiZj1S0wqtZ_q38GwBi8cA==
global.js
upp-public.s3.amazonaws.com/upp-client/1.1.0/ 		73 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upp-public.s3.amazonaws.com/upp-client/1.1.0/global.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.141.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e0253ec10cf55e245b9f78544fdb24b4362dc04d031f1f66081012cbd72230d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:57:45 GMT
Last-Modified
Wed, 01 Sep 2021 19:57:50 GMT
Server
AmazonS3
x-amz-request-id
VVBEDF2WQ7V89HC4
ETag
"b40fa8996c08bb7924fcb7308d82b7f6"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
74931
x-amz-id-2
N8Cz7Hy6xPNxcD1PXAX3zg133suZU5TA9e27laNDRx1BNNvZDI6BqoL2sUagl/5dDjO52QWeOuA=
bootstrap.js
widget.freshworks.com/widgetBase/
Redirect Chain
  • https://widget.freshworks.com/widgets/73000000940.js
  • https://widget.freshworks.com/widgetBase/bootstrap.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/bootstrap.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee44cd411ab8bbae046b53b3e23b1a0bf0c85a547df4707c29d094043624dd4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
KDwZqnQjVPwB11bk6UNpPRzkcpHoPw7O
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 05:55:35 GMT
last-modified
Wed, 21 Sep 2022 03:35:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
129
etag
W/"991532202f20564c613fd227683125ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
sXqO_VF8c_D1LkGTAz-bwcqFbro2v8sxg3Ycj-eQASMLRUlXmB1IsQ==

Redirect headers

date
Wed, 05 Oct 2022 05:57:13 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
32
x-cache
Hit from cloudfront
location
/widgetBase/bootstrap.js
content-length
0
x-amz-cf-id
7g-Z1qvA3c4uen6NOlnZngMMg21OPd0H0COq1NsOB1UfpYCi5Y3RGQ==
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce790ebecbb55dffebbaa44622b9c389a00533b410216fb0a12e92ad28917fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 04:30:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:57:44 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.e-rewards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:07:14 GMT
x-content-type-options
nosniff
age
46230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 17:07:14 GMT
fontawesome-webfont.woff2
www.e-rewards.com/shared/vendor/font-awesome/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/shared/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Origin
https://www.e-rewards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 06:08:23 GMT
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jun 2021 14:29:15 GMT
server
nginx/1.21.6
x-stats
@origin; 0.174; 0.001 : 0.002 : 0.002 : 0.001 : 0.001 : 0.000; 0.031 : 0.023 : 0.021 : 0.014 : 0.031 : 0.054
x-amz-cf-pop
VIE50-C2
age
85761
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
max-age=604800
content-length
66624
x-amz-cf-id
qAgb9904TO_BLYJ_HUFg8naAz9O1frjWAd4m6QGiuyDUhGuegl38HQ==
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.e-rewards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 16:02:02 GMT
x-content-type-options
nosniff
age
395742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 16:02:02 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://www.e-rewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 05 Oct 2022 05:57:45 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.e-rewards.com/
Bugsnag-Sent-At
2022-10-05T05:57:45.122Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
f76e95dcd14d705fbc9ef14b67d8d4c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 05 Oct 2022 05:57:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
hotjar-1702204.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1702204.js?sv=6
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-27.fra56.r.cloudfront.net
Software
/
Resource Hash
fe860cbc35aa951ba1f62490405502ab4f77228774138f2ea129bf5acc49dedb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
48
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/f7109f7957963ca4d930a2ffea4f9868
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
YQlNdUmKslAmvZ-8bDYKbZw1cFyykWwEKcK6bFu55Itz6w8KWik-mg==
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=b7da1dbf2d
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P6
age
309309
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05CNYbhTXzaTvitOTpk2ZkeLPI6TmeFU88wNvUGVjP420uBrsGP4cNQVpCV%2BqMJs%2FoAMOjEuyyYtD56%2BxS39plLjsrIgueiKip6%2BBp%2BTrz8XbZWqhFHTgEEzZQxNbBQGui3Yqm0qtkdqXvbibaoqAwWJAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7553ebed2eda9966-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
0x1xt3OfBEmocEpfobEcV-6KMeUHhJ1bdg0KK3Xyd-QQJm2Fidl7SA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=b7da1dbf2d
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P6
age
326743
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6T4v0TERiI17ZOdLGjiUIXYNySXkXJ39iMDEOWs19HyzIAK8F2YHhVHu%2BYkFTH4dhbEOI5c49QDB9QrMzex6lVU8O0pH09yo6JxyTCgmE7VGBufl0NGVh3rjPNlWFgzTOkW2%2Ftg5ZEsYbr816qKb9J6gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7553ebed2ee19966-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
ddNKbbquibsWFSmFRxY07ZQD6zLTNmDf87nBg7vraZs6uQsWigO5nA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=b7da1dbf2d
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
age
92156
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCopwrhKE9JWHwJzKXffX5dFrj8KuDIUWIEcWElAP4opw7K7rsYrvWOFeH2ODuhtsJXcZZNfjTHhN4U81pXW1yRzf%2Fcyjiah6xNIivSxj35IJQZx%2FEaVmJ%2B0XnwHdWwXkypIiwvO7F0MJ%2BtGwHg7u4lYBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7553ebed2ede9966-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
J2Q_yKMIXCfJc0SqSrK43OZ-YcXbUXxy7U1bqWXJ0IIy3ngCAlsaTA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48438478-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 05:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2508
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 05 Oct 2022 07:15:57 GMT
modules.cbd9768ba80ba0be5b17.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1702204.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 18:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
40239
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66229
last-modified
Tue, 04 Oct 2022 18:46:48 GMT
etag
"483a48bedf96c50163b542fb95446039"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
atJw6RuYio1bbuV-5FenItdrZ4rVQNU_OMRUd4LI0kIJ2crrH3uQDg==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://www.e-rewards.com/
Origin
https://www.e-rewards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
334888
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKMP1GAAoADWp1k1wgmKX9zLwl6ZTYwOscNm%2FHeIYkyeWEMqmoMpQRipmu7veijWGkYKZMNGGe%2BqqAjoyAvBcpNB0ii2ShYm0iHY%2FTWdo%2BAkXdnq0Yai1L1PughSaUqaW6%2BO%2Bk3oMQFn%2FaxouwqGdLKfaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7553ebed5f0e9966-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
fjgouymB0PiDzgSOZsRmoQPh1G4S_usxuX8pVK6JmQl5wF_yOBveGw==
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-209.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:46:58 GMT
content-encoding
gzip
via
1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
648
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Vpjr_f6qIACdA5hVbJ2_ab53nmnAG_IG47z6vy5oDcruqalCsz4TBw==
gtm.js
www.googletagmanager.com/ 		149 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLFM7ZQ
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61740d4723ac22ebbe2e30d06a16b05a2b9ce12929dfa1096e86040708f4f449
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55919
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:57:45 GMT
gtm.js
www.googletagmanager.com/ 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MWBHNQL
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43a38cf42048aa92607465237bd0abcafeee064b02d3b4b2ad214c2c52f4c491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39251
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:57:45 GMT
73000000940.json
widget.freshworks.com/widgets/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgets/73000000940.json?randomId=0.1503117798393332
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/73000000940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08704cd4341e4868975423d2e5cb401419e8525f51d4124f1a6faa9c43ff2b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
IDi5QaEIR5s2ugDe40pVzxCtIMDN1JBK
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 05:57:14 GMT
last-modified
Wed, 24 Aug 2022 05:30:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
32
etag
W/"459163073602ec1b082942f835582e55"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
6HH8PSVb1YtIlFf4dkomW3--u8HLRTrgMZqYxyQfv6YP19htTwaiBw==
config
goggles.mw.dynata.com/api/v1/panel/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://goggles.mw.dynata.com/api/v1/panel/config?panelId=50&locale=en_US&campaignId=0
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.250.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-250-246.compute-1.amazonaws.com
Software
/
Resource Hash
beca0b841439ecad66c06d67aae666878501c28cd78c63add594c9cb8b58531b

Request headers

Accept
*/*
Referer
https://www.e-rewards.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.e-rewards.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
frame.d7ae132c.css
widget.freshworks.com/widgetBase/static/media/ 		1 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/static/media/frame.d7ae132c.css
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/73000000940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
j5whwB96_vMnwtsuok7nj2eFye31zbxy
last-modified
Wed, 21 Sep 2022 03:33:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218114
etag
W/"d7ae132c387286735e2e9d369838b0c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=8640000
x-amz-cf-id
xQAmMWSay9z6qzeKCWCL1sGBBBdTGU-IvvIZ-eDkovrtxLW0Vgx4Ow==
widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		294 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/73000000940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf3d7c09c6f60ad25b09675f259a885789faa56f93832f75a5f6ead5a210b43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
xCrGW9tMv6bE6vC6SbOn_MYX_EkWcUt_
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 05:56:33 GMT
last-modified
Wed, 21 Sep 2022 03:34:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
79
etag
W/"61f0e6bff81de277e4da2b998bf726f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
vsd0afKJ86V_nHuWt9Pa44sIBoo-W9YtZe2qesBdYZ_iAMmL6b5p-A==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=775608235&t=pageview&_s=1&dl=https%3A%2F%2Fwww.e-rewards.com%2Fcontactus.do&ul=en-us&de=UTF-8&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2108110665&gjid=41564068&cid=140691620.1664949465&tid=UA-48438478-1&_gid=1944490233.1664949465&_r=1&gtm=2oua30&z=1857721204
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.e-rewards.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:57:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
settings.luckyorange.net/ 		129 B
746 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.e-rewards.com%2Fcontactus.do&s=201489
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9094c150596de12e4d5a157e2ab23b9319a5ebf715b534d78fa4372e5f99c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.e-rewards.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiGVKEg0F7O7ong8%2FSaFV2uJsSKMu7Y2cm1ACsDmIhLaZmk4WqwVJiDbJ2ryRiZsEBEqa%2B8%2Bvnyn1YpegeLn50yR3PYk5%2FDOgKRBR0aLMGrPmP5d1LDKf2bkg0OaZY3KFeO8kRdqzBYXPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-credentials
true
cf-ray
7553ebeeab89912b-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 25EC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1702204.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-126.ams1.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.e-rewards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
73777
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:28:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfec.cloudfront.net (CloudFront)
x-amz-cf-id
ed2kF11U9yHsI6Z15wAFF9CjiP4eC1NdCGuelD2YibArWUrduh3img==
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
x-robots-tag
none
0.1c2c4df3af1f24955f03.widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/0.1c2c4df3af1f24955f03.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eebb718a7898bfa8dabd53c7b04f06fc4c9e37de7778cf19d29ab2c30eb7e420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
SZ1JnkQiOZz76nVmdajsQ1dVDwWZlt_f
last-modified
Wed, 21 Sep 2022 03:34:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218114
etag
W/"9d67e8092feed452dfdb6c990e6724c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
hJC0r4MuGnL46924_BZfNyMFfXEbZU3LC6OrsE1DNwCax36uFGS94A==
1.0e8f0237accf8416de7f.widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/1.0e8f0237accf8416de7f.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
N6z.2MDtCMemJdNVXxlFNNVDfKUB.SR.
last-modified
Wed, 21 Sep 2022 03:34:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218114
etag
W/"7c346979da8f0571ca5e101f69a9c6f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
8YusvDGi2hyA2TwZ0O0V0VV5wMlc6frAPGioeL2rAyCwRZe8NeNrbQ==
8.11bbb2fbc068c24e2209.widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/8.11bbb2fbc068c24e2209.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8ead910f0137791246b27c2ffceb67e8472754570113840bf7e8c4e860446da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
rVFGT60iLKG1Gsh4zMlaCcoNf7TN0xaQ
last-modified
Wed, 21 Sep 2022 03:34:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218114
etag
W/"a793c15efc5c381a3670f6ebeaff05e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
2kV2kOlgtsiebEIMqSe48VY20wrxEEyJoNVycIfAjdQ12jAPA0rtAw==
10.94324fab217fc1ec04d6.widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/10.94324fab217fc1ec04d6.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9765e2a5cb416fba2b40a4775f7d60a6af704db8799da9bad960a698a5ba2cff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
WsfL9a.jxjVWj4W8b08Av7JSjoXsVrD_
last-modified
Wed, 21 Sep 2022 03:34:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218114
etag
W/"47256320c76d88909573c67ab32939e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
OBV4PgEz0FoEsc2HCBIV4bTBrXi_OSr4ur9K7vgxx-NaxgVKZmMBwQ==
16.7ec448c965bf78140550.widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		645 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/16.7ec448c965bf78140550.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
223bca8d43d8707a74ccd7526391fe5ac83c702a5c9b7e772bb1ad16644bae02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
x-amz-version-id
zOhP8DnDlO.RnXwL1Dvu69gv9VUOCGic
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 03:34:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218114
etag
"ae4182d397ed27b1cbd750fc31baf8f0"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
content-length
645
x-amz-cf-id
nF2RIStrtdbKBLyzilJtuypRXzp90pd5ZubTwLUfFk4JqDittMmDvg==
styles.5fe92f64.css
widget.freshworks.com/widgetBase/static/media/ Frame E84A 		1 KB
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/static/media/styles.5fe92f64.css
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a3f4874b9624de93233d866964b0157bb391a458e6171cec6ce2f5023b441aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
A.ZikMfGmwhIcm3AX_up.YCNVeATQxUF
last-modified
Wed, 21 Sep 2022 03:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218114
etag
W/"5fe92f640f91955b9bd354d6d0e721cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=8640000
x-amz-cf-id
uHF2CpmInpwptoci0MR3sO7zkj9jeZJH6m227lFi30Tiv0ZKMeSOaA==
styles.fd05bbdf.css
widget.freshworks.com/widgetBase/static/media/ Frame 980D 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/static/media/styles.fd05bbdf.css
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0dd504694a5c34ec1857d350623b9eb9a5108826f707936e50ae7c643dc8835c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:36:08 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
HOC6XumTC0wdQntrcMIzlj4m2w1N.KRR
last-modified
Wed, 21 Sep 2022 03:33:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218098
etag
W/"fd05bbdf3ab20435e92d17633e19f9f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=8640000
x-amz-cf-id
-hEcg2YdluNoduk6Yaits9HP0PkhP3omrrIRV9W1DnGSoCTHbXSFCg==
en.json
widget.freshworks.com/widgetBase/locales/ Frame 3EDB 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/locales/en.json
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/10.94324fab217fc1ec04d6.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9030cf65cb69a872c47189a3e1f695c8f2e1522826ab296d7be86b509dc4fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:50:56 GMT
x-amz-version-id
nUpkBUuEc9oD22O10C6gbmbYKvyJ_lV_
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
1217210
x-cache
Hit from cloudfront
last-modified
Wed, 21 Sep 2022 03:33:36 GMT
server
AmazonS3
etag
W/"a4790b4f24ede70e1edeed9ac84b0272"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=8640000
x-amz-cf-id
SyKEBgvLUG7O2nIk1sEdQwIa8-plarvs9Hh9kmGbE0uROweMdy9QSQ==
suggested_articles
surveysupport.freshdesk.com/api/widget/solutions/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://surveysupport.freshdesk.com/api/widget/solutions/suggested_articles?language=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.46.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-46-48.compute-1.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' *.freshconnect.io/ *.freshworks.com/ *.freshdesk.com/ *.freshworksapi.com/ *.freshdeskusercontent.com/ *.freshdeskusercontent-euc.com/ *.freshdeskusercontent-in.com/ *.freshdeskusercontent-aus.com/ *.fconstage.io/ analytics.inlinemanual.com/__profile analytics.inlinemanual.com/__ptm backend.getbeamer.com/ heapanalytics.com/ d3h0owdjgzys62.cloudfront.net/ d2uy6ubiilaqku.cloudfront.net/assets/ dcdu85ocrj5q6.cloudfront.net/ dtdafz6i4gvv1.cloudfront.net/ d3r4aewxkdubw4.cloudfront.net/ d2lz1e868xzctj.cloudfront.net/ rum.haystack.es/freshdesk/analytics fonts.googleapis.com/ fonts.gstatic.com/ sentry.io/api/ wss://*.freshworksapi.com/ wss://*.freshdesk.com/ fg8vvsvnieiv3ej16jby.litix.io/ distillery.wistia.com/ pipedream.wistia.com/ freshworks.asknice.ly/ embedwistia-a.akamaihd.net/ embed-fastly.wistia.com/ maps.googleapis.com/ graph.microsoft.com/v1.0/ freshcaller-attachments.s3.amazonaws.com/production/ euc-freshcaller-attachments.s3.eu-central-1.amazonaws.com/production/ au-freshcaller-attachments.s3-ap-southeast-2.amazonaws.com/production/ in-freshcaller-attachments.s3.ap-south-1.amazonaws.com/production/ pubsub.rtschannel.com/ api.fdcollab.com/ wss://pubsub.rtschannel.com/ data: blob: api.appcues.net/ wss://api.appcues.net/ fast.appcues.com/ cdn.jsdelivr.net/npm/@freshworks/crayons-icon@next/dist/ translate.googleapis.com/translate_a/t translate.googleapis.com/element/log fast.wistia.net/ fast.wistia.com/; font-src 'self' *.freshdesk.com/ fonts.gstatic.com/ fonts.googleapis.com/ cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/fonts/ fast.wistia.net/ fast.wistia.com/ data:; frame-src 'self' https:; img-src 'self' https: data: blob:; media-src 'self' https: blob:; object-src 'none'; script-src 'self' *.freshworksapi.com/ *.freshworks.com/ *.freshdesk.com/ *.freshchat.com/ *.freshconnect.io/ *.freshcloud.io/ *.fconstage.io/ wchat.freshchat.com/js/ d3h0owdjgzys62.cloudfront.net/ d2uy6ubiilaqku.cloudfront.net/ dtdafz6i4gvv1.cloudfront.net/ dcdu85ocrj5q6.cloudfront.net/ d3r4aewxkdubw4.cloudfront.net/ app.getbeamer.com/js/beamer-embed.js analytics.inlinemanual.com/ cdn.inlinemanual.com/embed/ polyfill.io/v3/polyfill.js cdn.heapanalytics.com/ cdnjs.cloudflare.com/ js.chargebee.com/v1/chargebee.js js.braintreegateway.com/v1/braintree.js static.freshdev.io/ fast.wistia.net/ fast.wistia.com/ static.getbeamer.com/ calendly.com/ unpkg.com/@webcomponents/webcomponentsjs@2.4.3/custom-elements-es5-adapter.js unpkg.com/@webcomponents/webcomponentsjs@2.4.3/webcomponents-loader.js js-agent.newrelic.com/ www.googletagmanager.com/gtag/js static.asknice.ly/dist/standalone/asknicely-in-app-conversation.js www.dropbox.com/static/api/2/dropins.js js.live.net/v7.2/OneDrive.js apis.google.com/ asknice.ly bam.nr-data.net/ www.google-analytics.com/analytics.js maps.googleapis.com/ unpkg.com/@freshworks/crayons@v3/dist/crayons/crayons.esm.js unpkg.com/@freshworks/crayons@v3/dist/crayons/crayons.js s3.amazonaws.com/freshcaller-widget-loader/ in-freshcaller-widget-loader.s3.ap-south-1.amazonaws.com/ s3.eu-central-1.amazonaws.com/euc-freshcaller-widget-loader/ au-freshcaller-widget-loader.s3-ap-southeast-2.amazonaws.com/ www.dropbox.com/static/api/1/dropbox.js fast.appcues.com/ translate.google.com/translate_a/element.js translate.googleapis.com/_/translate_http/_/js/ translate-pa.googleapis.com/v1/supportedLanguages 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.freshworks.com *.freshchat.com/ d3h0owdjgzys62.cloudfront.net/ dcdu85ocrj5q6.cloudfront.net/ dtdafz6i4gvv1.cloudfront.net/ d3r4aewxkdubw4.cloudfront.net/ d2uy6ubiilaqku.cloudfront.net/ fonts.googleapis.com/ app.getbeamer.com/styles/beamer-embed.css *.freshdesk.com/ calendly.com/ unpkg.com/@webcomponents/webcomponentsjs@2.4.3/custom-elements-es5-adapter.js unpkg.com/@webcomponents/webcomponentsjs@2.4.3/webcomponents-loader.js static.asknice.ly/dist/standalone/asknicely-in-app-conversation.css fast.appcues.com/ asknice.ly 'unsafe-inline'; worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,http_host,x-client-id,x-widget-id,x-widget-referrer
Access-Control-Request-Method
GET
Origin
https://www.e-rewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,http_host,x-client-id,x-widget-id,x-widget-referrer
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Path, X-Method, X-Query-String, X-Ua-Compatible, X-Meta-Request-Version, X-Request-Id, X-Runtime, X-RateLimit-Total, X-RateLimit-Remaining, X-RateLimit-Used-CurrentRequest, X-Freshdesk-API-Version
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; connect-src 'self' *.freshconnect.io/ *.freshworks.com/ *.freshdesk.com/ *.freshworksapi.com/ *.freshdeskusercontent.com/ *.freshdeskusercontent-euc.com/ *.freshdeskusercontent-in.com/ *.freshdeskusercontent-aus.com/ *.fconstage.io/ analytics.inlinemanual.com/__profile analytics.inlinemanual.com/__ptm backend.getbeamer.com/ heapanalytics.com/ d3h0owdjgzys62.cloudfront.net/ d2uy6ubiilaqku.cloudfront.net/assets/ dcdu85ocrj5q6.cloudfront.net/ dtdafz6i4gvv1.cloudfront.net/ d3r4aewxkdubw4.cloudfront.net/ d2lz1e868xzctj.cloudfront.net/ rum.haystack.es/freshdesk/analytics fonts.googleapis.com/ fonts.gstatic.com/ sentry.io/api/ wss://*.freshworksapi.com/ wss://*.freshdesk.com/ fg8vvsvnieiv3ej16jby.litix.io/ distillery.wistia.com/ pipedream.wistia.com/ freshworks.asknice.ly/ embedwistia-a.akamaihd.net/ embed-fastly.wistia.com/ maps.googleapis.com/ graph.microsoft.com/v1.0/ freshcaller-attachments.s3.amazonaws.com/production/ euc-freshcaller-attachments.s3.eu-central-1.amazonaws.com/production/ au-freshcaller-attachments.s3-ap-southeast-2.amazonaws.com/production/ in-freshcaller-attachments.s3.ap-south-1.amazonaws.com/production/ pubsub.rtschannel.com/ api.fdcollab.com/ wss://pubsub.rtschannel.com/ data: blob: api.appcues.net/ wss://api.appcues.net/ fast.appcues.com/ cdn.jsdelivr.net/npm/@freshworks/crayons-icon@next/dist/ translate.googleapis.com/translate_a/t translate.googleapis.com/element/log fast.wistia.net/ fast.wistia.com/; font-src 'self' *.freshdesk.com/ fonts.gstatic.com/ fonts.googleapis.com/ cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/fonts/ fast.wistia.net/ fast.wistia.com/ data:; frame-src 'self' https:; img-src 'self' https: data: blob:; media-src 'self' https: blob:; object-src 'none'; script-src 'self' *.freshworksapi.com/ *.freshworks.com/ *.freshdesk.com/ *.freshchat.com/ *.freshconnect.io/ *.freshcloud.io/ *.fconstage.io/ wchat.freshchat.com/js/ d3h0owdjgzys62.cloudfront.net/ d2uy6ubiilaqku.cloudfront.net/ dtdafz6i4gvv1.cloudfront.net/ dcdu85ocrj5q6.cloudfront.net/ d3r4aewxkdubw4.cloudfront.net/ app.getbeamer.com/js/beamer-embed.js analytics.inlinemanual.com/ cdn.inlinemanual.com/embed/ polyfill.io/v3/polyfill.js cdn.heapanalytics.com/ cdnjs.cloudflare.com/ js.chargebee.com/v1/chargebee.js js.braintreegateway.com/v1/braintree.js static.freshdev.io/ fast.wistia.net/ fast.wistia.com/ static.getbeamer.com/ calendly.com/ unpkg.com/@webcomponents/webcomponentsjs@2.4.3/custom-elements-es5-adapter.js unpkg.com/@webcomponents/webcomponentsjs@2.4.3/webcomponents-loader.js js-agent.newrelic.com/ www.googletagmanager.com/gtag/js static.asknice.ly/dist/standalone/asknicely-in-app-conversation.js www.dropbox.com/static/api/2/dropins.js js.live.net/v7.2/OneDrive.js apis.google.com/ asknice.ly bam.nr-data.net/ www.google-analytics.com/analytics.js maps.googleapis.com/ unpkg.com/@freshworks/crayons@v3/dist/crayons/crayons.esm.js unpkg.com/@freshworks/crayons@v3/dist/crayons/crayons.js s3.amazonaws.com/freshcaller-widget-loader/ in-freshcaller-widget-loader.s3.ap-south-1.amazonaws.com/ s3.eu-central-1.amazonaws.com/euc-freshcaller-widget-loader/ au-freshcaller-widget-loader.s3-ap-southeast-2.amazonaws.com/ www.dropbox.com/static/api/1/dropbox.js fast.appcues.com/ translate.google.com/translate_a/element.js translate.googleapis.com/_/translate_http/_/js/ translate-pa.googleapis.com/v1/supportedLanguages 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.freshworks.com *.freshchat.com/ d3h0owdjgzys62.cloudfront.net/ dcdu85ocrj5q6.cloudfront.net/ dtdafz6i4gvv1.cloudfront.net/ d3r4aewxkdubw4.cloudfront.net/ d2uy6ubiilaqku.cloudfront.net/ fonts.googleapis.com/ app.getbeamer.com/styles/beamer-embed.css *.freshdesk.com/ calendly.com/ unpkg.com/@webcomponents/webcomponentsjs@2.4.3/custom-elements-es5-adapter.js unpkg.com/@webcomponents/webcomponentsjs@2.4.3/webcomponents-loader.js static.asknice.ly/dist/standalone/asknicely-in-app-conversation.css fast.appcues.com/ asknice.ly 'unsafe-inline'; worker-src 'self' blob:
Content-Type
text/plain
Date
Wed, 05 Oct 2022 05:57:45 GMT
Nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
Report-To
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
Server
fwe
Status
200 OK
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Envoy-Upstream-Service-Time
16
X-Fw-Ratelimiting-Managed
false
X-Request-Id
adb1a2b6-e6cd-4e07-96a9-50330d851b5d
X-Trace-Id
00-811df98f7f2f46a7b1e95cb0d1464706-8830b07bca526d08-00
X-Xss-Protection
1; mode=block
2.776b24560d3a42bc77a9.widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/2.776b24560d3a42bc77a9.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2650c02304c924f8c9350e237aeb1084629a5466d32ad05641467b51b800efe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:36:19 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
IWkkUKJoTmXNAekZ9Ty6eMjy.1A7n3fP
last-modified
Wed, 21 Sep 2022 03:34:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218087
etag
W/"31f8cfdc15c474328dd0bd8d940f5781"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
VUazaIIt6cPjzIu2fE9egTtycG_Cw-5j4UrJy3oXBxmA6M036uO_dg==
3.f10f5e961863203378fa.widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		93 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/3.f10f5e961863203378fa.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76cb4beb9d787bc1b4a5c3b4fddac398c8f3b371331ccd026f5a1cff1f6d22cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:36:19 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
qjSefOiRVjDNCp4tZPcwMwhAD0A88IRu
last-modified
Wed, 21 Sep 2022 03:34:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218087
etag
W/"bd998656241f7b1c279014818319c73b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
GbjVcSQUT3urkZi_KYRW1U31bfHUND_DtMY8-YVh75zR2utsdk3GVA==
11.de84fd976335ad4f32bd.widget.js
widget.freshworks.com/widgetBase/ Frame 3EDB 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/11.de84fd976335ad4f32bd.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe65898caf3e96a757235a0703ed19cd9152b6912d62b20fb6ea4326f47d823d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:36:19 GMT
content-encoding
gzip
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-version-id
luzDKTaTQTGvNfliN7dflgumvDJDELQK
last-modified
Wed, 21 Sep 2022 03:34:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
1218087
etag
W/"08c1e62ac1cac5bb64beb65a5fa74b15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
3701ZbQ1SArnJGgtJz5TV7bHF7oV6vkgPBES06498TJYPClVnJbjkw==
suggested_articles
surveysupport.freshdesk.com/api/widget/solutions/ Frame 3EDB 		594 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://surveysupport.freshdesk.com/api/widget/solutions/suggested_articles?language=en
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.46.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-46-48.compute-1.amazonaws.com
Software
fwe /
Resource Hash
968251f055c1fe0ace50070a7699a8e6318cab42b2fe8d9f09183fb28935f013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-Widget-Id
73000000940
HTTP_HOST
https://surveysupport.freshdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json
Referer
https://www.e-rewards.com/
X-Client-Id
b02ca0d9-b5ea-5cfc-0a9e-08c2abdce104
X-Widget-Referrer
https://www.e-rewards.com/contactus.do

Response headers

Date
Wed, 05 Oct 2022 05:57:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Nel
{ "report_to": "nel-endpoint", "max_age": 300, "include_subdomains": true}
X-Ratelimit-Total
500
Transfer-Encoding
chunked
X-Freshdesk-Api-Version
latest=v2; requested=widget
X-Ratelimit-Used-Currentrequest
1
Status
200 OK
X-Envoy-Upstream-Service-Time
80
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
5c3ef35f-7b3f-4eae-91a0-66ea37c8be4d
X-Ua-Compatible
IE=Edge,chrome=1
X-Trace-Id
00-99e44b231162564bcf2bf0920133c205-b54d91fa28587077-00
Pragma
no-cache
Server
fwe
X-Ratelimit-Remaining
498
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Expose-Headers
X-Path, X-Method, X-Query-String, X-Ua-Compatible, X-Meta-Request-Version, X-Request-Id, X-Runtime, X-RateLimit-Total, X-RateLimit-Remaining, X-RateLimit-Used-CurrentRequest, X-Freshdesk-API-Version
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Report-To
{ "group": "nel-endpoint", "max_age": 300, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.freshedge.net/nelreports"}]}
X-Fw-Ratelimiting-Managed
false
Access-Control-Max-Age
86400
X-Rack-Cache
miss
Expires
Wed, 13 Oct 2010 00:00:00 UTC
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-77-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ae6efcd8bfb917e83cc1025084fc434eb2b3cc82ede1d5144c950d2d24b097ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 19:13:48 GMT
server
AkamaiNetStorage
etag
"372ea9f5b6a9bba9973d9fb327998263:1664910828.091502"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
18994
expires
Fri, 07 Oct 2022 05:57:45 GMT
country.js
c.evidon.com/geo/ 		252 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-77-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 23:46:45 GMT
server
AkamaiNetStorage
etag
"61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
174
snthemes.js
c.evidon.com/sitenotice/1696/ 		86 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1696/snthemes.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/contactus.do
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-77-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c07580bcaa038939ed1df3cedcf8831014e9fb136f01059d65217461c1a952a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 10:01:24 GMT
server
AkamaiNetStorage
etag
"d3732f6adb63f67aa3a7926ab008fb33:1662544884.031835"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3865
expires
Fri, 07 Oct 2022 05:57:45 GMT
settingsV2.js
c.evidon.com/sitenotice/1696/e-rewards/
Redirect Chain
  • https://c.evidon.com/sitenotice/1696/e-rewards/settings.js
  • https://c.evidon.com/sitenotice/1696/e-rewards/settingsV2.js
29 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1696/e-rewards/settingsV2.js
Protocol
H2
Server
104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-77-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f87b3de6be66a14fe7305db505dd280e52447c74b548fcce46d0c22c19a010ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
last-modified
Fri, 30 Sep 2022 15:17:12 GMT
server
AkamaiNetStorage
etag
"3fa1fb0ebf73e93c56c1c2ba77d38d87:1664551032.485733"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3575
expires
Fri, 07 Oct 2022 05:57:45 GMT

Redirect headers

date
Wed, 05 Oct 2022 05:57:45 GMT
server
AkamaiGHost
vary
Origin
access-control-max-age
108000
access-control-allow-methods
GET,OPTIONS,POST
location
https://c.evidon.com/sitenotice/1696/e-rewards/settingsV2.js
access-control-allow-origin
cache-control
max-age=432000, private;max-age=86400
access-control-allow-headers
*
content-length
0
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EJNQK6G68Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFM7ZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87a0b6ba976754400b3f0db9d0efe67ed13cd33eaa3fe6f1345a93506756b544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75730
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 05 Oct 2022 05:57:45 GMT
Bootstrap.js
nexus.ensighten.com/choozle/12214/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFM7ZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-106.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f6eee008275250a5d785e51e808048ff0d85019c0fe155f07a773d4bdea4f36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 03:18:56 GMT
x-amz-version-id
Wves9fWoeyaDso0HIjRuYUs2ois8PoUy
content-encoding
br
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
2342330
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 12 Aug 2021 15:28:28 GMT
server
AmazonS3
etag
W/"72beaa935fd439fec33703af704232bc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
NArr-PH6dzW1IkKa4NwzajOKDx0neowfwXfcarWlOh5AlQukiVvQwg==
1702204
vc.hotjar.io/sessions/ 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1702204?s=0.25&r=0.038424693052296455
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-15.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
vSnYYaAetWSba6Gw7fyaspc6fecBfISYiD965B7VzYtaBc5esDdnhQ==
collect
region1.analytics.google.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EJNQK6G68Z&gtm=2oea30&_p=775608235&_gaz=1&cid=140691620.1664949465&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664949465&sct=1&seg=0&dl=https%3A%2F%2Fwww.e-rewards.com%2Fcontactus.do&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EJNQK6G68Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:57:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EJNQK6G68Z&cid=140691620.1664949465&gtm=2oea30&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EJNQK6G68Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:57:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EJNQK6G68Z&cid=140691620.1664949465&gtm=2oea30&aip=1&z=2052535173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:57:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.js
c.evidon.com/sitenotice/1696/translations/ 		146 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1696/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-77-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7fb7e5f74b8a29529a400608bebbb41d570b0e3c7c9dfb9ce06d8c9af6b05ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 10:01:23 GMT
server
AkamaiNetStorage
etag
"9d2bf512bce27333a03c74010471dc7c:1662544883.41105"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
9626
expires
Fri, 07 Oct 2022 05:57:45 GMT
serverComponent.php
nexus.ensighten.com/choozle/12214/ 		282 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/12214/serverComponent.php?r=632630647.5265528&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/12214/code/&publishedOn=Tue%20Sep%2029%2019:51:26%20GMT%202020&ClientID=923&PageID=https%3A%2F%2Fwww.e-rewards.com%2Fcontactus.do
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-106.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
2b90ddbb35b5cf5734a716a5776947d0d4acc9bb72e45b08995620b704a6b915

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
content-length
282
x-amz-cf-id
2MsEKlTyximHR810YgvC_h7Whx5-0Z4iGMDR7IEDFTlvDlxQ1lsHRQ==
expires
Wed, 05 Oct 2022 05:57:44 GMT
evidon-barrier.js
c.evidon.com/sitenotice/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.77.186 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-77-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68b08a7e42955e19b961db91ee77f52b379ff30253d27dbd573365359757ea4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 19:13:49 GMT
server
AkamaiNetStorage
etag
"ba40b7418481531fdf6163b7d67c407e:1664910829.023625"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3927
expires
Fri, 07 Oct 2022 05:57:45 GMT
2
l.evidon.com/site/v3/1696/61644/3/1/3/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/1696/61644/3/1/3/2?consent=0&regulationid=2&regulationconsenttypeid=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
63642
l.evidon.com/site/v3/1696/61644/3/1/3/2/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/1696/61644/3/1/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
63642
l.evidon.com/site/v3/1696/61644/3/5/3/2/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/1696/61644/3/5/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:57:45 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
77819ac0b9d2bc1d24f7cfdd783cc0d1.js
nexus.ensighten.com/choozle/12214/code/ 		1 KB
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/12214/code/77819ac0b9d2bc1d24f7cfdd783cc0d1.js?conditionId0=421905
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-106.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 01:50:02 GMT
x-amz-version-id
_CQctmzxfCDxv2oKiWq42.gWObD7Ymtz
content-encoding
br
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
3125264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 12 Aug 2021 15:28:31 GMT
server
AmazonS3
etag
W/"0949f3a716d0a13aa5549a4c9f56c7c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
ZwNW1QG1iG7BPKtMyenVdY_1eU2-bhfmfjLALUBOhY9Aw0gxDG6PcA==
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EJNQK6G68Z&gtm=2oea30&_p=775608235&cid=140691620.1664949465&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664949465&sct=1&seg=0&dl=https%3A%2F%2Fwww.e-rewards.com%2Fcontactus.do&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&en=scroll&epn.percent_scrolled=90&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EJNQK6G68Z&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:57:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| svg undefined| cssBlob undefined| style object| corona object| UPP function| $ function| jQuery function| _ object| angular object| googleCaptchaCompleted function| captchaReadyCallback function| formatPoints object| SiteNotification function| bugsnag object| bugsnagClient object| _satellite boolean| __satelliteLoaded function| gtag object| dataLayer function| hj object| _hjSettings object| FontAwesomeKitConfig object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| getUrlParameter string| utm string| medium string| campaign number| __lo_site_id function| openHelpWidget object| fwSettings function| FreshworksWidget number| respondentInfoReady function| initFreshWiidget number| freshHelpReady function| iFreshWiidget object| FwBootstrap function| contractMode object| gaplugins object| gaGlobal object| gaData boolean| __lo_csr_added object| evidon function| onYouTubeIframeAPIReady object| ensBootstraps object| Bootstrapper string| bucketid

10 Cookies

Domain/Path Name / Value
.e-rewards.com/ Name: _gid
Value: GA1.2.1944490233.1664949465
.e-rewards.com/ Name: _gat_gtag_UA_48438478_1
Value: 1
.e-rewards.com/ Name: _gcl_au
Value: 1.1.1961470818.1664949465
.e-rewards.com/ Name: _hjSessionUser_1702204
Value: eyJpZCI6Ijg1MGIxMjBkLWEzNTctNWY4MS04MTJmLTE1YzliZjBkNjI0YSIsImNyZWF0ZWQiOjE2NjQ5NDk0NjUyMjIsImV4aXN0aW5nIjpmYWxzZX0=
.e-rewards.com/ Name: _hjFirstSeen
Value: 1
www.e-rewards.com/ Name: _hjIncludedInSessionSample
Value: 0
.e-rewards.com/ Name: _hjSession_1702204
Value: eyJpZCI6IjFlYTUxNjg5LTUyNTYtNGQyZC1iYWZiLTVlMzBmNDZkZGYwNCIsImNyZWF0ZWQiOjE2NjQ5NDk0NjU1MDEsImluU2FtcGxlIjpmYWxzZX0=
.e-rewards.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.e-rewards.com/ Name: _ga_EJNQK6G68Z
Value: GS1.1.1664949465.1.0.1664949465.60.0.0
.e-rewards.com/ Name: _ga
Value: GA1.1.140691620.1664949465

1 Console Messages

Source Level URL
Text
network error URL: https://www.e-rewards.com/contactus.do
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
c.evidon.com
d10lpsik1i8c69.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
darwin-assets.dynata.com
fonts.googleapis.com
fonts.gstatic.com
goggles.mw.dynata.com
ka-f.fontawesome.com
kit.fontawesome.com
l.evidon.com
nexus.ensighten.com
region1.analytics.google.com
script.hotjar.com
sessions.bugsnag.com
settings.luckyorange.net
static.hotjar.com
stats.g.doubleclick.net
surveysupport.freshdesk.com
upp-public.s3.amazonaws.com
vars.hotjar.com
vc.hotjar.io
widget.freshworks.com
www.e-rewards.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
104.103.77.186
104.26.11.16
108.138.34.14
108.138.7.27
13.32.110.106
18.66.112.15
2001:4860:4802:32::36
2600:1901:0:7a0b::
2600:9000:211a:7000:3:68f9:62c0:93a1
2600:9000:2204:fa00:17:5070:d6c0:93a1
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2a00:1450:4001:803::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:58f::1e80
34.205.216.121
34.228.250.246
52.207.46.48
52.217.141.81
52.222.137.209
52.222.214.73
52.222.236.63
65.9.86.126
08704cd4341e4868975423d2e5cb401419e8525f51d4124f1a6faa9c43ff2b28
0a9094c150596de12e4d5a157e2ab23b9319a5ebf715b534d78fa4372e5f99c0
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0dd504694a5c34ec1857d350623b9eb9a5108826f707936e50ae7c643dc8835c
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
151747425d77e68d7139dc374ebb289ee1ddda7dea62727a93be1c91591bde2d
223bca8d43d8707a74ccd7526391fe5ac83c702a5c9b7e772bb1ad16644bae02
2650c02304c924f8c9350e237aeb1084629a5466d32ad05641467b51b800efe1
2b90ddbb35b5cf5734a716a5776947d0d4acc9bb72e45b08995620b704a6b915
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3c07580bcaa038939ed1df3cedcf8831014e9fb136f01059d65217461c1a952a
43a38cf42048aa92607465237bd0abcafeee064b02d3b4b2ad214c2c52f4c491
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
5f6eee008275250a5d785e51e808048ff0d85019c0fe155f07a773d4bdea4f36
61740d4723ac22ebbe2e30d06a16b05a2b9ce12929dfa1096e86040708f4f449
683d56d7dcaf63098ebb768af4f59bf2e8e95b41d29b6e603c48507acc1139a3
68b08a7e42955e19b961db91ee77f52b379ff30253d27dbd573365359757ea4e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6f2ae750b8b91083fe462d13950001c71923cefae2e7a2c6a82e5e87b1b5cc63
702a1bce86e29766ac378801b60b23a8bd07c8e342ce074b60ea626e3e2a92a6
75d814df063980d65abcc223a3c8313d4ebeba9435ddcd7b961cccdd1688539b
76cb4beb9d787bc1b4a5c3b4fddac398c8f3b371331ccd026f5a1cff1f6d22cd
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7fb7e5f74b8a29529a400608bebbb41d570b0e3c7c9dfb9ce06d8c9af6b05ce8
85b5e0ac186f64a05b6f8b95e5fb25e8706c05d7f8141449f769b153b11d9933
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
87a0b6ba976754400b3f0db9d0efe67ed13cd33eaa3fe6f1345a93506756b544
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
940814c81f66bbc6074e23d64a49d45c5946d3e93c5c6807dc6c30f52e99b690
96683749d2c3d3d7bd41b1e8fe4ccb72fbdc6d31be4815741cb0c3a471ef3861
968251f055c1fe0ace50070a7699a8e6318cab42b2fe8d9f09183fb28935f013
9765e2a5cb416fba2b40a4775f7d60a6af704db8799da9bad960a698a5ba2cff
98e192cd4c0c0ff6fe661f022c0569e05b824392f6b172a6b54ff3233d03837e
9a3f4874b9624de93233d866964b0157bb391a458e6171cec6ce2f5023b441aa
ae6efcd8bfb917e83cc1025084fc434eb2b3cc82ede1d5144c950d2d24b097ac
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7d31b17b42f6e8ebc8fd72fdf1f97e951e67bdbc22d3517263ca992c79a3150
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42
beca0b841439ecad66c06d67aae666878501c28cd78c63add594c9cb8b58531b
bf3d7c09c6f60ad25b09675f259a885789faa56f93832f75a5f6ead5a210b43e
bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369
c2e842ed394f4e7535d88f8bd20b33815df788674b008989512efb572ffedf61
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c8ead910f0137791246b27c2ffceb67e8472754570113840bf7e8c4e860446da
ce790ebecbb55dffebbaa44622b9c389a00533b410216fb0a12e92ad28917fdb
cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0
d9030cf65cb69a872c47189a3e1f695c8f2e1522826ab296d7be86b509dc4fd3
e0253ec10cf55e245b9f78544fdb24b4362dc04d031f1f66081012cbd72230d2
e16b9816ecaf90056fe69adbef5506c6c014c03b4d17826f89f84d19a54ba68e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee44cd411ab8bbae046b53b3e23b1a0bf0c85a547df4707c29d094043624dd4b
eebb718a7898bfa8dabd53c7b04f06fc4c9e37de7778cf19d29ab2c30eb7e420
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f87b3de6be66a14fe7305db505dd280e52447c74b548fcce46d0c22c19a010ea
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd1d48c6172c4a60339397890b7687cdcb03b45261d095304888c79e959714fb
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576
fe65898caf3e96a757235a0703ed19cd9152b6912d62b20fb6ea4326f47d823d
fe860cbc35aa951ba1f62490405502ab4f77228774138f2ea129bf5acc49dedb
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995