Submitted URL: http://pay.sephorareviewer.online/
Effective URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Submission Tags: suspect
Submission: On November 11 via api from BR — Scanned from CA

Summary

This website contacted 13 IPs in 3 countries across 14 domains to perform 32 HTTP transactions. The main IP is 34.234.52.18, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.uplevelrewarrds.com.
TLS certificate: Issued by R11 on September 21st 2024. Valid for: 3 months.
This is the only time www.uplevelrewarrds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.64.119.254 22612 (NAMECHEAP...)
1 1 172.67.155.142 13335 (CLOUDFLAR...)
2 2 52.205.36.237 14618 (AMAZON-AES)
1 34.234.52.18 14618 (AMAZON-AES)
11 104.18.160.117 13335 (CLOUDFLAR...)
1 142.251.32.106 15169 (GOOGLE)
8 104.18.186.31 13335 (CLOUDFLAR...)
1 18.238.59.82 16509 (AMAZON-02)
2 76.76.21.22 16509 (AMAZON-02)
1 142.250.65.170 15169 (GOOGLE)
1 104.22.59.181 13335 (CLOUDFLAR...)
2 52.201.134.122 14618 (AMAZON-AES)
1 3.6.134.231 16509 (AMAZON-02)
1 76.76.21.142 16509 (AMAZON-02)
1 104.18.21.222 13335 (CLOUDFLAR...)
1 142.251.41.3 15169 (GOOGLE)
32 13
Apex Domain
Subdomains
Transfer
11 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6168
682 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
80 KB
3 posthog.com
us-assets.i.posthog.com — Cisco Umbrella Rank: 24721
us.i.posthog.com — Cisco Umbrella Rank: 7547
60 KB
2 optibase.io
app.optibase.io — Cisco Umbrella Rank: 44518
26 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
7 KB
2 go2cloud.org
glitchy.go2cloud.org — Cisco Umbrella Rank: 534550
2 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 rewardsgiantca.com
www.rewardsgiantca.com
50 KB
1 glitchy.ai
app.glitchy.ai
9 KB
1 videsigns-staging.co.uk
videsigns-staging.co.uk — Cisco Umbrella Rank: 303927
185 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
1 uplevelrewarrds.com
www.uplevelrewarrds.com
14 KB
1 glstrck.com
glstrck.com
616 B
1 sephorareviewer.online
pay.sephorareviewer.online
267 B
32 14
Domain Requested by
11 cdn.prod.website-files.com www.uplevelrewarrds.com
cdn.prod.website-files.com
8 cdn.jsdelivr.net www.uplevelrewarrds.com
cdn.jsdelivr.net
2 us.i.posthog.com us-assets.i.posthog.com
2 app.optibase.io www.uplevelrewarrds.com
app.optibase.io
2 glitchy.go2cloud.org 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 www.rewardsgiantca.com www.uplevelrewarrds.com
1 app.glitchy.ai www.uplevelrewarrds.com
1 videsigns-staging.co.uk d3e54v103j8qbb.cloudfront.net
1 us-assets.i.posthog.com www.uplevelrewarrds.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.uplevelrewarrds.com
1 ajax.googleapis.com www.uplevelrewarrds.com
1 www.uplevelrewarrds.com
1 glstrck.com 1 redirects
1 pay.sephorareviewer.online 1 redirects
32 16

This site contains no links.

Subject | Issuer | Validity | Valid
www.uplevelrewarrds.com | R11 | 2024-09-21 - 2024-12-20 | 3 months
prod.website-files.com | WE1 | 2024-10-21 - 2025-01-19 | 3 months
upload.video.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
app.optibase.io | R10 | 2024-10-27 - 2025-01-25 | 3 months
*.i.posthog.com | WE1 | 2024-10-05 - 2025-01-03 | 3 months
videsigns-staging.co.uk | Amazon RSA 2048 M02 | 2024-03-13 - 2025-04-11 | a year
app.glitchy.ai | R11 | 2024-10-12 - 2025-01-10 | 3 months
rewardsgiantca.com | WE1 | 2024-11-03 - 2025-02-01 | 3 months
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months

This page contains 1 frame:

Primary Page: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Frame ID: 7EB32696D7A6AABB93ECAB6766498D32
Requests: 32 HTTP requests in this frame

Page Title

Sephora Special Offer!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

  • Requests: 32
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 14
  • Subdomains: 16
  • IPs: 13
  • Countries: 3
  • Transfer: 1006 kB
  • Size: 1790 kB
  • Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pay.sephorareviewer.online/ HTTP 307
    https://pay.sephorareviewer.online/ HTTP 307
    http://pay.sephorareviewer.online/ HTTP 302
    https://glstrck.com/aff_c?offer_id=163&aff_id=26934 HTTP 302
    https://glitchy.go2cloud.org/aff_c?offer_id=163&aff_id=26934 HTTP 302
    https://glitchy.go2cloud.org/aff_r?offer_id=162&aff_id=26934&url=https%3A%2F%2Fwww.uplevelrewarrds.com%2F%3Fs1%3D26934%26s2%3D162%26s3%3D1027200c80c7d69544a89dd23be6c7%26s4%3D%26s5%3Dsephorapoll750ca&urlauth=657729925125856457004127326011 HTTP 302
    https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.uplevelrewarrds.com/
Redirect Chain
  • http://pay.sephorareviewer.online/
  • https://pay.sephorareviewer.online/
  • http://pay.sephorareviewer.online/
  • https://glstrck.com/aff_c?offer_id=163&aff_id=26934
  • https://glitchy.go2cloud.org/aff_c?offer_id=163&aff_id=26934
  • https://glitchy.go2cloud.org/aff_r?offer_id=162&aff_id=26934&url=https%3A%2F%2Fwww.uplevelrewarrds.com%2F%3Fs1%3D26934%26s2%3D162%26s3%3D1027200c80c7d69544a89dd23be6c7%26s4%3D%26s5%3Dsephorapoll750...
  • https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
99 KB
14 KB
Document
General
Full URL
https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.234.52.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-52-18.compute-1.amazonaws.com
Software
/
Resource Hash
4114d42169ebc1367ef3ceaf7920b7a08825624723466f32db9850096f6b0aa9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
8e0f503728760810-IAD
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Mon, 11 Nov 2024 15:28:39 GMT
last-modified
Mon, 11 Nov 2024 15:28:39 GMT
strict-transport-security
max-age=31536000
surrogate-control
max-age=2147483647
surrogate-key
www.uplevelrewarrds.com 66858dec07e4f862e3d65338 pageId:66858dec07e4f862e3d65333
vary
Accept-Encoding
x-cluster-name
us-east-1-prod-hosting-red
x-frame-options
SAMEORIGIN
x-lambda-id
97901cdf-40bf-4653-b952-8efc15099fb4

Redirect headers

Accept-Ch
Sec-Ch-Dpr, Dpr, Sec-Ch-Ua-Model
Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
306
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 11 Nov 2024 15:28:39 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Pragma
no-cache
Server
nginx
X-Request-Id
377d457801bf5a672f90568ebb66c5e4
glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css
cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/
62 KB
14 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780cfee897e5f76dff5c96060b9ecab1ce7dd4e30c43b6603c2aa818eb6d24a4

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"42c35a603d9adaeee8dd7ee79313a2bd"
x-amz-version-id
zTy8InKt.HY0uEnILTmwj_WIpN2z2zjY
age
634
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:39 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 03:05:03 GMT
vary
Accept-Encoding
x-amz-id-2
AEUtBAI5XmSun2bLP0ipQmJkaN9LHWj3e6Pygh5Y1+fYgcvUaF2DjYkepUJsujlR8xXYpu+ahuA=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
W0RB9QY4P81GPJ87
cf-ray
8e0f50395adbabe8-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
13256
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.106 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

content-encoding
gzip
age
357987
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 12:02:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 12:02:12 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
cmsfilter.js
cdn.jsdelivr.net/npm/@finsweet/attributes-cmsfilter@1/
23 KB
9 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsfilter@1/cmsfilter.js
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c31130a9d95f9aabf28b265ac4266b7772705a980ce3eabc4f3daa23cef984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"5a52-7l0c8IkTDtvDwGJJ3Yh02Lyvxx0"
age
31489
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IrTsDtntm8TIAyWtcUnwv85rN2SnA6dQhSLfxXFpfoh24j2bRsh64eGOoeF5uYzePQ%2FKYq6CGhpImD62GjHIki9Gu5RmIpHUXLQ6hFer14NEqpdVFQOQiiG%2FnX156KB9uxQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 11 Nov 2024 15:28:39 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220148-FRA, cache-lga21959-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0f5039eae836ab-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
9029
server
cloudflare
x-jsd-version
1.16.2
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=66858dec07e4f862e3d65338
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.59.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-59-82.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.uplevelrewarrds.com
Referer
https://www.uplevelrewarrds.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
50808
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
U56kjYMjWZGvzXyjfwJL5IG2ZgvOZiVtDhuKZeAq1DcQ0AUFCr0fvA==
date
Mon, 11 Nov 2024 01:21:54 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
accept-encoding
cache-control
max-age=84600, must-revalidate
via
1.1 590897dc65a5ea6dcbac1c8ea98c65c4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P4
server
AmazonS3
webflow.b7f63c9af.js
cdn.prod.website-files.com/66858dec07e4f862e3d65338/js/
176 KB
65 KB
Script
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/js/webflow.b7f63c9af.js
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d12dc97bbb96068202dc4fd887362a12b17c4f30bd542911577487d7ea6e532

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"7bd308a6cc0042f27d2012923a848ba5"
x-amz-version-id
YbHKQzHzlrbk3rXeQevupf1ppmDRyvC3
age
634
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:39 GMT
content-type
text/javascript
last-modified
Thu, 26 Sep 2024 03:05:03 GMT
vary
Accept-Encoding
x-amz-id-2
G01wXjz/KO4p66oTGXpr3gLBtUpl6/KdtPyKNR8/NRmZIG+cjThhtGTCaf1U4REtxS9TjkvEuMQoOOf1G9AEslm7DeecTmI6z9VRmY36oHs=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
W0RCZWB33FF2R6HH
cf-ray
8e0f50395adeabe8-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
65797
server
cloudflare
x-amz-server-side-encryption
AES256
script.js
app.optibase.io/
79 KB
26 KB
Script
General
Full URL
https://app.optibase.io/script.js
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
381a4daf1d8b4327f108ef981ab8b87f21414f249b98a10eaf276297771fbfa3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

strict-transport-security
max-age=63072000
x-vercel-id
iad1::kdrjh-1731338920308-4282e6ec2f66
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"ef0e850b45d0ab3273c39cffb40044ab"
age
299588
x-matched-path
/script.js
access-control-allow-origin
*
date
Mon, 11 Nov 2024 15:28:40 GMT
content-disposition
inline; filename="script.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Fri, 08 Nov 2024 01:55:52 GMT
x-frame-options
SAMEORIGIN
tom-select.complete.min.js
cdn.jsdelivr.net/npm/tom-select@2.2.2/dist/js/
48 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/tom-select@2.2.2/dist/js/tom-select.complete.min.js
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5e5d665ac1716a663e5646801072f5518f19a72c6558bbbc70807d9d9bcba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
etag
W/"bf84-kaLIhaSzBXd6ZcaHDaHT1kPsHL8"
age
16336950
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2dazmmgH2lbfE%2B%2FQflgoxJd3rCRW6qZRdYNdkYBQ0NbLBT0Bq0PL8PuWPfQpHy91dEXt2fpClRd%2FgIsLroHs%2BIqgATrwby%2BX0wQO3pXnoxdZ%2By5qKTEkq754saC9XW3jIA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 11 Nov 2024 15:28:39 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230053-FRA, cache-lga21956-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0f50399a7f36ab-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
16812
server
cloudflare
x-jsd-version
2.2.2
countrycode.js
cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/
46 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/countrycode.js
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9c97cdefc4c6be27ba4eb62571436f3ceb7c3d591df0bf5be0cab1ea249d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"b981-9tTR2KhOfyR2jR6Lqm7V9VHJivU"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K50ccV5F8wnQbC6shfqylRNLvASos6gbqGsGyDuqgi3Wx0sFRgg9O8tsJdEDbk%2BY7aFL%2FMp%2FH3N9DZALEH%2FoPjl9stVuOajs214IO1XqfzyGxvc3W8kvik%2FcLO7DeCd7Zho%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 11 Nov 2024 15:28:39 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230141-FRA, cache-lga21976-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0f50399a8336ab-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7247
server
cloudflare
x-jsd-version
3.6.22
multi-step.js
cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/
144 KB
28 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/multi-step.js
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21195d829e0627ea8c89902db814682c32563a1eec9d87c33bfd6ed94ed9ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"23f45-tszeA4lNa/eVzNHGaW+QNTFs7PM"
age
10832
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3u54K0CBmGqp3KTobSASagaVszO7%2F1%2FG0RKHUVb8m51LM1J7gS2s77r%2BtrO8UtuyRv4eYEVUA5pfwaqedlhlyxvhOvWtIebTuurb5fTtDfvmcJBQkxqxzM%2BMtJ%2FYx5hJFaM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
MISS, MISS
date
Mon, 11 Nov 2024 15:28:39 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220039-FRA, cache-lga21939-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0f50399a8036ab-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
28584
server
cloudflare
x-jsd-version
3.6.51
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter:300,regular,500,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
1f273927d8c1c53deecc98f5c9a945f5613c5711a5e2920e55b51cf18225d704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 15:28:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:28:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
array.js
us-assets.i.posthog.com/static/
164 KB
58 KB
Script
General
Full URL
https://us-assets.i.posthog.com/static/array.js
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.59.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0615308b7c98c6091a1dd9157b200983aba8c381da242aab08bd36f62647ce75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

cache-control
public, max-age=300
cross-origin-opener-policy
same-origin
content-encoding
gzip
x-envoy-upstream-service-time
3
age
273
cf-cache-status
HIT
referrer-policy
same-origin
x-content-type-options
nosniff
cf-ray
8e0f503c0c4f53e3-YYZ
access-control-allow-origin
*
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
text/javascript; charset="utf-8"
last-modified
Mon, 11 Nov 2024 12:46:27 GMT
vary
Accept-Encoding
server
cloudflare
66858dec07e4f862e3d65367_MaisonNeueDemi.otf
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
126 KB
127 KB
Font
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/66858dec07e4f862e3d65367_MaisonNeueDemi.otf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4dfadb308dff50874015f5097c0b4658cc5c05ea7e190dd40961df6bea375b

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.uplevelrewarrds.com
Referer
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"95ff0cc592717e1b95504604200a6d33"
x-amz-version-id
D.9418dVhMSaQZyh8grQzL4w4El_UkwC
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
application/x-font-otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 03 Jul 2024 17:44:14 GMT
x-amz-id-2
9elz7IkpvtDRMo+xGOog+aHYa6FIMDqpwDyulaQCjUI1rE63dh0MRghfeg63PwMKTouLMFUyjfc=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
JBSQMKX2QRK54ZGR
cf-ray
8e0f503aa827ab27-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
129316
server
cloudflare
x-amz-server-side-encryption
AES256
66858dec07e4f862e3d6536c_MaisonNeueBold.otf
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
126 KB
127 KB
Font
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/66858dec07e4f862e3d6536c_MaisonNeueBold.otf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9cc065d5883ac526ad52d886a7092e1ccd2a00a48295a733d879b80a6d4dff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.uplevelrewarrds.com
Referer
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"ad3da8becfd291816f3a2f3205aed4fe"
x-amz-version-id
.paGtZo_OoNOTeMH3jfUBKMxHt_4sl44
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
application/x-font-otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 03 Jul 2024 17:44:14 GMT
x-amz-id-2
ULbluSP8dHj9uuO5AsxdW5IvfV0qYgfY6dIz3dP0PBF1U3d+cdg149cfLW6C5dH5d5mtpmmDjSY=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
JBSY13GSX6KV3ES4
cf-ray
8e0f503aa82cab27-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
129360
server
cloudflare
x-amz-server-side-encryption
AES256
66858dec07e4f862e3d6536e_MaisonNeueBook.otf
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
125 KB
125 KB
Font
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/66858dec07e4f862e3d6536e_MaisonNeueBook.otf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b25c2066762d46f636a4edfcc8f3c0a35c3fad9e3a67b56133e1b7f10cab6b

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.uplevelrewarrds.com
Referer
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"1405ded369b48811179a2208e15ccc86"
x-amz-version-id
CiLsyC6Y6B3GUN343GW54Vtsl3IzNu0q
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
application/x-font-otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 03 Jul 2024 17:44:14 GMT
x-amz-id-2
v4MLQRGZ6vsgZPKUJttK7vGKrX8J+nWhYVfBWSy1i7mLIzBI03MTm+Y/S2746gHlmve1dpqF0aA=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
JBSJT4HTY2FVKCYB
cf-ray
8e0f503aa832ab27-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
127508
server
cloudflare
x-amz-server-side-encryption
AES256
66858dec07e4f862e3d6539b_MaisonNeueMedium.otf
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
126 KB
126 KB
Font
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/66858dec07e4f862e3d6539b_MaisonNeueMedium.otf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8b9cd7aa214093717d991618afab5bc0feee63f5655cb8105e1ed660152978

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.uplevelrewarrds.com
Referer
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/css/glitchyai-staging-14d2364774b9c610aafbe.webflow.b2d8e0eea.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"fd1c19602322ad6a7cca4031cce22b8e"
x-amz-version-id
9eVlG.QdohL.Oqkru4Ube2r2rfnxou4j
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
application/x-font-otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 03 Jul 2024 17:44:14 GMT
x-amz-id-2
fAqv2kFpsPEY72EQUlDK+W8DEwnLkWrKuKnGnUCBqK6gCDL1pxQJ5qXKJ4UhPPuzgjnzH4+616k=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
JBSVBT3JKDYCMR6E
cf-ray
8e0f503aa835ab27-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
128648
server
cloudflare
x-amz-server-side-encryption
AES256
66858e2981afc023c0fae473_transparent.svg
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
154 B
527 B
Image
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/66858e2981afc023c0fae473_transparent.svg
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb82c90997bb2904a2327fc0a0a04203d5fc14f85067071a10b387e5449d695f

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"dd831b3af43373fe4c35414211aaa965"
x-amz-version-id
IxaNArNP5RqPiNBff_e0p5X5HHxUW8gb
age
635
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
image/svg+xml
last-modified
Wed, 03 Jul 2024 17:45:14 GMT
vary
Accept-Encoding
x-amz-id-2
2H6KKEL22Sx53cmqYBq3Mq7vb0OZMje7XAuRAUZDIbelkoMHm8hL4XprCZr4jPNOZ38MJIgRySC2N1D9Fq8PkLPxsFexOsYNfE92lzYn26k=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
W0R5CEAA6K3C2GGQ
cf-ray
8e0f503aad19abe8-YYZ
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
66858dec07e4f862e3d653aa_Frame%201261157945.png
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
22 KB
23 KB
Image
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/66858dec07e4f862e3d653aa_Frame%201261157945.png
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4de9776d3fe996fb9d0bc9d106f1b9351d90b7e7b9ada5b8fde83db36fde96

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

cf-cache-status
HIT
etag
"91729a805c28de456ef75a3b1dabf0ba"
x-amz-version-id
.8mc5Qzga7YQlDt3Fc0BkIUxv2yIR5ID
age
635
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
image/png
last-modified
Wed, 03 Jul 2024 17:44:14 GMT
vary
Accept-Encoding
x-amz-id-2
IhKEi3m1Q+Ow5bRhyTvelqfN4ijDSpJqrEycLBKIp5OAWSSuWzxME7YazCAmrUIzc+Kn4H32Jsq4qh7t5YzU+S0CRcqc653t
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
W0R15KGB54N7Z7DF
cf-ray
8e0f503aad1babe8-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
22852
server
cloudflare
x-amz-server-side-encryption
AES256
66858dec07e4f862e3d653b3_Frame%25201261158049-p-500.png
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
28 KB
28 KB
Image
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/66858dec07e4f862e3d653b3_Frame%25201261158049-p-500.png
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bf32ab7c8c555eaccfd4ededbc496a4b1e4ffddc28964050f41fda258b279b

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

cf-cache-status
EXPIRED
etag
"7ff515302be77aa133e6827f29c2427a"
x-amz-version-id
35hiRYQq.YE3SED.J0TFmKIfs2hId3fo
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
image/png
last-modified
Wed, 03 Jul 2024 17:44:14 GMT
vary
Accept-Encoding
x-amz-id-2
pFLmqnWmasgdmIGvHGJqxPvxxaeNXVesAkf/9aPh1tQQhc2lK8teOs8mEMiTmfTK5kA31amoA72hgisPWnsUXjjrYJJBu9SY/84kCS468Cg=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
4V4H4N95MD6JD4PP
cf-ray
8e0f503aad1dabe8-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
28407
server
cloudflare
x-amz-server-side-encryption
AES256
66858dec07e4f862e3d653b1_Frame%25201261158063-p-500.png
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
45 KB
46 KB
Image
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/66858dec07e4f862e3d653b1_Frame%25201261158063-p-500.png
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
350bbb3c0c137bdac7b2790fc0182494fbb2d0820af5d87134ad7837fbb621fa

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

cf-cache-status
EXPIRED
etag
"c9d96745e47d4471dce12ad10eee5a9f"
x-amz-version-id
YPpFeIz1GrVg9ocJAbpTrc4NK89oi3LZ
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
image/png
last-modified
Wed, 03 Jul 2024 17:44:14 GMT
vary
Accept-Encoding
x-amz-id-2
ALg3JgsZoUTv41fxPzjy494v3o8lxwO86J8q5IsPCNkQnxVjBgO0MWrIKFVG+tjn4OwGsOERhABQUywRF+TyZg==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
4V4THVNP9PNSEZME
cf-ray
8e0f503aad1fabe8-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
46241
server
cloudflare
x-amz-server-side-encryption
AES256
animation.esm.js
cdn.jsdelivr.net/npm/@finsweet/attributes-animation@1/
11 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-animation@1/animation.esm.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsfilter@1/cmsfilter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c65101e31646c5ce1e2f253a5c554604c5fb5d4f0016fcf5e5c8dc127862076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.uplevelrewarrds.com
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"2dcc-d2LLzMwVxUMcDcR94bZTJr30OVE"
age
18459
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgcVfAvDDcSUhX8Bf3z%2BwEPhVfSKwai%2FkT7uww%2FLphLHaN9aQNfl2z4%2BFIvxJV9llL1mVg0grWc%2BU9pH6kcDdZ31LOx38tmwsMXhzDzFiSM4CdnVsfcbEtvlEMBUngQLo%2BU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220025-FRA, cache-lga21972-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0f503b3c25a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5006
server
cloudflare
x-jsd-version
1.2.2
/
us.i.posthog.com/decide/
669 B
759 B
XHR
General
Full URL
https://us.i.posthog.com/decide/?v=3&ip=1&_=1731338920407&ver=1.180.1&compression=base64
Requested by
Host: us-assets.i.posthog.com
URL: https://us-assets.i.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.134.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-134-122.compute-1.amazonaws.com
Software
envoy /
Resource Hash
1386ecb5df3cf2987607d3770c916790c6c0f6826b64ba5f94d0884012ea4b4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/x-www-form-urlencoded
Referer
https://www.uplevelrewarrds.com/

Response headers

cross-origin-opener-policy
same-origin
content-encoding
gzip
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.uplevelrewarrds.com
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
application/json
vary
Accept-Encoding
server
envoy
access-control-allow-headers
X-Requested-With,Content-Type
/
us.i.posthog.com/e/
13 B
408 B
XHR
General
Full URL
https://us.i.posthog.com/e/?ip=1&_=1731338920429&ver=1.180.1&compression=gzip-js
Requested by
Host: us-assets.i.posthog.com
URL: https://us-assets.i.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.134.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-134-122.compute-1.amazonaws.com
Software
envoy /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain
Referer
https://www.uplevelrewarrds.com/

Response headers

cross-origin-opener-policy
same-origin
content-encoding
gzip
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.uplevelrewarrds.com
date
Mon, 11 Nov 2024 15:28:40 GMT
content-type
application/json
vary
Accept-Encoding
server
envoy
access-control-allow-headers
X-Requested-With,Content-Type
tom-select.css
cdn.jsdelivr.net/npm/tom-select@2.2.2/dist/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/tom-select@2.2.2/dist/css/tom-select.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/countrycode.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728a02db2db18287a99d9d4165587ea631a29afe10b6433e8cb792a8a90e63f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2610-rKCI2ISKcBHoHtaKdgT37nLKj78"
age
16337360
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R4%2FTQ%2BAMK25eFNcXoX2B315lSOkJxHKBk3qODG1yTyGATs5oZ8Rms4C4XkaqXw9uizB0dba2koDuasm%2BT7ekqECXbsENn20kuWRjz1mF8Jj5FB%2BU62pdhuw5DfFVSZChGR8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 11 Nov 2024 15:28:41 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220092-FRA, cache-lga21961-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0f50442ec3a228-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2573
server
cloudflare
x-jsd-version
2.2.2
countrycode.css
cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/
674 B
1016 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/countrycode.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/countrycode.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f70e8f26ca42c82759f71fbbf80e9bebf2a407c6250adf2ed7e59161891b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"2a2-YA0yHvN2dDXQ2b6xc9rsVG044UQ"
age
10271
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rp6Rp9KalYpLMxHvweyQuj5uO5g0Euo8oV1B%2FIturiRLuBdcWAXgIn%2B%2BwqLdxfpJg6s6VtJOro7KNafsp2ZZAH58LbMJFH%2BSfAGUDKrsj1WRlWSBtL96%2FqFlff7%2FA5GJlUk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 11 Nov 2024 15:28:41 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220115-FRA, cache-lga21938-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0f50442ec7a228-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
355
server
cloudflare
x-jsd-version
3.6.17
counter
videsigns-staging.co.uk/
20 B
185 B
XHR
General
Full URL
https://videsigns-staging.co.uk/counter
Requested by
Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=66858dec07e4f862e3d65338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.6.134.231 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-6-134-231.ap-south-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
e9f63854c85d8f9d60cf31d68d1578e84efe17f87a04d969c5344fedf9075279

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Accept
*/*
Referer
https://www.uplevelrewarrds.com/

Response headers

access-control-allow-origin
*
content-length
20
date
Mon, 11 Nov 2024 15:28:42 GMT
etag
W/"14-lDkTLONIRoDaB3IKvf+8bScpc9c"
content-type
text/html; charset=utf-8
x-powered-by
Express
server
nginx
lander-object.json
app.glitchy.ai/
99 KB
9 KB
Fetch
General
Full URL
https://app.glitchy.ai/lander-object.json
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cfd3c4a15da7c4560f557d09d8b763a49dd32d04f88d1bf1a71afc474846f8f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"2c721f5b7a86ab701b65b0ef251b5ad9"
age
220710
x-matched-path
/lander-object.json
access-control-allow-origin
*
date
Mon, 11 Nov 2024 15:28:41 GMT
content-disposition
inline; filename="lander-object.json"
content-type
application/json; charset=utf-8
server
Vercel
last-modified
Sat, 09 Nov 2024 02:10:11 GMT
x-vercel-id
iad1::r7z96-1731338921778-5c2737badcf8
active
app.optibase.io/api/script/
16 B
507 B
Fetch
General
Full URL
https://app.optibase.io/api/script/active?publicApiKey=clxd6ulbj044yzozy45jbx5dz
Requested by
Host: app.optibase.io
URL: https://app.optibase.io/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

content-encoding
br
x-pathname
/api/script/active
age
0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
x-matched-path
/api/script/active
date
Mon, 11 Nov 2024 15:28:41 GMT
content-type
application/json
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Authorization, Baggage, sentry-trace
strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
x-vercel-cache
MISS
access-control-allow-credentials
true
access-control-allow-origin
https://www.uplevelrewarrds.com
server
Vercel
x-vercel-id
iad1::iad1::zscj2-1731338921751-f5a81dac646c
cmscore.js
cdn.jsdelivr.net/npm/@finsweet/attributes-cmscore@1/
20 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmscore@1/cmscore.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsfilter@1/cmsfilter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
652b782499578fc71edc11f16015aecfd4b77f5a65dea68670bcae86be9a8bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.uplevelrewarrds.com
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"4f1f-pHD/Uv7Ztjs1OXmoYMvrzeid69M"
age
15405
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBXqn%2F1fLO4xQ7HZ3LimcenA2%2FbMR%2BagZs1e2ogVsemDb01naN8ba3pEAh7snW%2FolxCaHC1ZdQlMgmHiB4XkWCaWiUVsqIqpXmYv5U%2BWsPwzJ5inunpqWv3MfSIk2T2h7w0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 11 Nov 2024 15:28:41 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230137-FRA, cache-lga21981-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0f50448837a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7208
server
cloudflare
x-jsd-version
1.13.0
sephora750disclaimer.png
www.rewardsgiantca.com/CampImg/1718/SuperDynamic/genericimg/
50 KB
50 KB
Image
General
Full URL
https://www.rewardsgiantca.com/CampImg/1718/SuperDynamic/genericimg/sephora750disclaimer.png
Requested by
Host: www.uplevelrewarrds.com
URL: https://www.uplevelrewarrds.com/?s1=26934&s2=162&s3=1027200c80c7d69544a89dd23be6c7&s4=&s5=sephorapoll750ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c75a8d190013d27ec74f9f2a6794952879e0aaebfb0bd7cb1713957b19058fcf

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"847ddd92c7dd91:0"
age
3647
cf-ray
8e0f50467f9036af-YYZ
expires
Mon, 11 Nov 2024 19:28:42 GMT
accept-ranges
bytes
content-length
51062
date
Mon, 11 Nov 2024 15:28:42 GMT
content-type
image/png
last-modified
Tue, 02 May 2023 19:32:35 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300,regular,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.uplevelrewarrds.com
Referer
https://fonts.googleapis.com/

Response headers

age
412330
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 20:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 20:56:33 GMT
last-modified
Mon, 29 Jul 2024 22:44:12 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48556
x-xss-protection
0
server
sffe
6685ce146a897eb5b029c29f_favicon-32x32.png
cdn.prod.website-files.com/66858dec07e4f862e3d65338/
844 B
1 KB
Other
General
Full URL
https://cdn.prod.website-files.com/66858dec07e4f862e3d65338/6685ce146a897eb5b029c29f_favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2e884f3a95c68fad80c74e688d6a4610a22e07cea4a0af734daf2cf58a1ac6

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.uplevelrewarrds.com/

Response headers

cf-cache-status
HIT
etag
"d3a416f4db1dae2726cfd95be187c9de"
x-amz-version-id
uvTyN0QV9mbglcQg1dhclT4X93TTgxrg
age
637
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:28:43 GMT
content-type
image/png
last-modified
Wed, 03 Jul 2024 22:17:57 GMT
vary
Accept-Encoding
x-amz-id-2
NNAt4CIo5reIZJqRZuqYGqSm6UP3XsQ0jWzjlEtsH/C0/ufpUkUBMP+cWIcmp/FgexE//1ynb1tDIOl3ZgYCYIqI8PTOEY1m7d3KPQOC+8k=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
WP3C5ZW6M2H88BXN
cf-ray
8e0f50517866abe8-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
844
server
cloudflare
x-amz-server-side-encryption
AES256

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFont object| posthog function| lightenRGB object| fsAttributes object| FsAttributes object| Webflow object| __PosthogExtensions__ function| $ function| jQuery function| tram object| _sentryDebugIds object| __SENTRY__ function| optibaseSendConversionEvent function| optibaseSetTestedUserExternalId function| optibaseAddActiveVariantsListener boolean| optibaseScriptLoaded function| tomSelect function| TomSelect object| link object| link2 function| getCountryFlag function| render object| ogCloneArr function| recaptcha function| getParams function| getSafe function| phoneAutoFormat function| validateURL function| disableBtn function| enableBtn function| saveLastAnswer function| saveFilledInput function| scrollTop function| updateStep function| validateEmail function| phoneValidation function| validation function| displayErrorMessage function| resetInputErrorMessage function| increaseCurstep function| decreaseCurstep function| nextStep function| backStep function| selectionQuiz function| triggerInputAllData function| clickableIndicator function| resetFormly function| _0xce23 function| cloneRemove function| cloneRemoveInput function| andLogic function| _0x5e13 function| addClickClass function| updateCounter function| getCookie function| isElementPresent function| isScriptUrlMatch function| openNav function| closeNav number| idx boolean| userNotLoggedIn30Days boolean| optibaseInitialized

5 Cookies

Domain/Path Name / Value
glitchy.go2cloud.org/ Name: enc_aff_session_162
Value: ENC037a90482f982aa2a6580b387889065030ba02869b9fd3643a45478459e00e6131234eb6836e85d17b90f6523aea9678431e0b3fbae7f76b1fb49553d97d1f80664db5290dab04884be2b8d0da6eae7fb079c7bdf6ad1923e055aeef46ca417b28884e354d6b80db33cd263ac591ea11049c6d9083d84721b2d9f69165457533d71e9b0458
glitchy.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiQW5kcm9pZCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMTMuMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IGZvciBBbmRyb2lkIiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggTW9iaWxlIiwibW9iaWxlX2Jyb3dzZXJfdmVyc2lvbiI6IjExMi4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChBbmRyb2lkIDEzOyBNb2JpbGU7IFJ2OjExMi4wKSBHZWNrby8xMTIuMCBGaXJlZm94LzExMi4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tQ0EsZW47cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
.prod.website-files.com/ Name: __cf_bm
Value: xcwHmShRpxdq8CkdfJTtXiZ7H7kF20EKkCmfRKQHA4U-1731338919-1.0.1.1-.7CcSRHHndXuZrawyoi.dxsFJzGxVsb9BRw4CXPbzA0TOAgOsv0Ytjs1EjtC712S.CLeSnA7nxDFg.7dzk0PfQ
.uplevelrewarrds.com/ Name: ph_phc_wTADxn5tg5uBqgFrvcC7ZQxD0WhEqEcH94fp4bC5W7f_posthog
Value: %7B%22distinct_id%22%3A%2201931bd7-61d5-7a08-81fa-53a4f3eb5324%22%2C%22%24sesid%22%3A%5B1731338920428%2C%2201931bd7-61d3-77eb-aaf7-714aae18288b%22%2C1731338920403%5D%7D
www.uplevelrewarrds.com/ Name: Y291bnRlcg
Value: ==MTA=

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
