cibcfcibmiles.com Open in urlscan Pro
52.85.61.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cibcfcibredeem.com/
Effective URL:
https://cibcfcibmiles.com/
Submission: On March 25 via api (March 25th 2022, 6:50:04 pm UTC) from CA — Scanned from CA

Summary HTTP 232 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 232 HTTP transactions. The main IP is 52.85.61.52, located in United States and belongs to AMAZON-02, US. The main domain is cibcfcibmiles.com.
TLS certificate: Issued by Amazon on September 16th 2021. Valid for: a year.

This is the only time cibcfcibmiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.74.99.100 204.74.99.100	397213 (ULTRADNS) (ULTRADNS)
1 1	13.225.80.55 13.225.80.55	16509 (AMAZON-02) (AMAZON-02)
178	52.85.61.52 52.85.61.52	16509 (AMAZON-02) (AMAZON-02)
3	52.85.61.35 52.85.61.35	16509 (AMAZON-02) (AMAZON-02)
3	52.85.61.25 52.85.61.25	16509 (AMAZON-02) (AMAZON-02)
3	52.85.61.112 52.85.61.112	16509 (AMAZON-02) (AMAZON-02)
2	52.85.61.20 52.85.61.20	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
8	64.76.235.73 64.76.235.73	3549 (LVLT-3549) (LVLT-3549)
3	52.219.101.97 52.219.101.97	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
2	208.89.12.153 208.89.12.153	11054 (LIVEPERSON) (LIVEPERSON)
5	208.89.12.91 208.89.12.91	11054 (LIVEPERSON) (LIVEPERSON)
4	208.89.12.90 208.89.12.90	11054 (LIVEPERSON) (LIVEPERSON)
3	178.249.97.70 178.249.97.70	11054 (LIVEPERSON) (LIVEPERSON)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
232	16

1 204.74.99.100 (United States) 1 redirects

ASN397213 (ULTRADNS, US)
PTR: crs.ultradns.net

cibcfcibredeem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.55 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-55.fra2.r.cloudfront.net

cibcfcib.go2redeem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

178 52.85.61.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-52.ewr53.r.cloudfront.net

cibcfcibmiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ifupperclub.cibcfcibmiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.61.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-35.ewr53.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.61.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-25.ewr53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.61.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-112.ewr53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-20.ewr53.r.cloudfront.net

universalws.cibcfcibmiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 64.76.235.73 (United States)

ASN3549 (LVLT-3549, US)
PTR: 64.76.235.73-static.reverse.ejuniper.com

travel.cibcfcibmiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.219.101.97 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (Queens, United States)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.153 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lptag.liveperson.net

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.89.12.91 (United States)

ASN11054 (LIVEPERSON, US)

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.89.12.90 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.97.70 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo.v.liveperson.net

lo.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
188	cibcfcibmiles.com cibcfcibmiles.com universalws.cibcfcibmiles.com travel.cibcfcibmiles.com ifupperclub.cibcfcibmiles.com	24 MB
9	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3029 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3079	54 KB
9	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874	196 KB
5	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3025 lo.v.liveperson.net — Cisco Umbrella Rank: 12025	113 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	16 KB
3	amazonaws.com s3.us-east-2.amazonaws.com	382 KB
2	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 564	478 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	87 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	348 B
1	go2redeem.com 1 redirects cibcfcib.go2redeem.com	239 B
1	cibcfcibredeem.com 1 redirects cibcfcibredeem.com	225 B
0	bitacora.travel Failed widget.bitacora.travel Failed
232	12

	Domain	Requested by
127	ifupperclub.cibcfcibmiles.com	cibcfcibmiles.com ifupperclub.cibcfcibmiles.com
51	cibcfcibmiles.com	cibcfcibmiles.com travel.cibcfcibmiles.com
8	travel.cibcfcibmiles.com	cibcfcibmiles.com travel.cibcfcibmiles.com
5	accdn.lpsnmedia.net	lptag.liveperson.net
4	lpcdn.lpsnmedia.net	lptag.liveperson.net
3	cdnjs.cloudflare.com	ifupperclub.cibcfcibmiles.com
3	lo.v.liveperson.net	lptag.liveperson.net
3	s3.us-east-2.amazonaws.com	travel.cibcfcibmiles.com lpcdn.lpsnmedia.net
3	vars.hotjar.com	static.hotjar.com
3	script.hotjar.com	static.hotjar.com
3	static.hotjar.com	cibcfcibmiles.com travel.cibcfcibmiles.com
2	lptag.liveperson.net	cibcfcibmiles.com
2	firebaseinstallations.googleapis.com	cibcfcibmiles.com
2	www.googletagmanager.com	cibcfcibmiles.com www.googletagmanager.com
2	universalws.cibcfcibmiles.com	cibcfcibmiles.com
1	www.google-analytics.com	www.googletagmanager.com
1	cibcfcib.go2redeem.com	1 redirects
1	cibcfcibredeem.com	1 redirects
0	widget.bitacora.travel Failed	cibcfcibmiles.com
232	19

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
cibcfcib-tc.milesbynovae.com

Subject Issuer	Validity	Valid
cibcfcibmiles.com Amazon	`2021-09-16` - `2022-10-14`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
travel.cibcfcibmiles.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-26` - `2022-10-26`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://cibcfcibmiles.com/
Frame ID: ACAF07122CB563F1B5445BEBCDBA3639
Requests: 85 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: A344877A34B5241BFB1BFBECC35D68E6
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 38B67180A4BAA419C9BDBD9F7794BB01
Requests: 1 HTTP requests in this frame

Frame: https://travel.cibcfcibmiles.com/flights/?idioma=en
Frame ID: 6560264BA6A1BA5C883D1FF4F4929E6A
Requests: 14 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fcibcfcibmiles.com&site=46543114&env=prod
Frame ID: C8D9090B0FCF8639A848C29E86809261
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 013F0594336C3928CE59779CD3A1536A
Requests: 1 HTTP requests in this frame

Frame: https://ifupperclub.cibcfcibmiles.com/
Frame ID: 16866F69776F5EF1C0AC0E4F736E3EE3
Requests: 129 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Rewards

Page URL History Show full URLs

http://cibcfcibredeem.com/ HTTP 301
https://cibcfcib.go2redeem.com/ HTTP 302
https://cibcfcibmiles.com/ Page URL
https://cibcfcibmiles.com/ Page URL

Detected technologies

Paths.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

paths(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

232
Requests

96 %
HTTPS

24 %
IPv6

12
Domains

19
Subdomains

16
IPs

2
Countries

25223 kB
Transfer

40901 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=18559180220&text=Hi%20alle,%20I%20want%20to%20know%20more%20about%20My%20Rewards

Search URL Search Domain Scan URL

URL: https://cibcfcib-tc.milesbynovae.com/#/cibc?lang=en
Title: Visit

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cibcfcibredeem.com/ HTTP 301
https://cibcfcib.go2redeem.com/ HTTP 302
https://cibcfcibmiles.com/ Page URL
https://cibcfcibmiles.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cibcfcibredeem.com/ HTTP 301
https://cibcfcib.go2redeem.com/ HTTP 302
https://cibcfcibmiles.com/

232 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
cibcfcibmiles.com/
Redirect Chain

http://cibcfcibredeem.com/
https://cibcfcib.go2redeem.com/
https://cibcfcibmiles.com/

13 KB
5 KB

95ms
50ms

Document
text/html

52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ec30ee72b34739103b4fdc45571589ae8b3221da700f5230ba94bbb18e1db70b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html
date: Fri, 25 Mar 2022 18:49:57 GMT
server: nginx
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
etag: W/"62070f07-3392"
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: rosGQMQrmR7o4csE2tNxRKYf1PTYl-G61jaueEbGjcbvlqCnjlbaIQ==

Redirect headers

content-type: text/html
content-length: 138
location: https://cibcfcibmiles.com
date: Fri, 25 Mar 2022 18:49:56 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jcRwDEBWKCYXKnma2L2eOwosa8mcb4_YPLqTT-4_oLG7Q_OpxAybXQ==

GET
H2 200 styles.cb1299c1af804ea3c5ef.css
cibcfcibmiles.com/ 396 KB
83 KB 106ms
105ms Stylesheet
text/css 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/styles.cb1299c1af804ea3c5ef.css

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fdff3eaa89576dcaa7c6692632b16409d7a577297e24e963d93f261195e4a892

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-62e0b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 2jGKcShD8HydrAT6WiXcmOhyCbC-hiwv5p-l95cA7ZTFmtrf2WpjxQ==

GET
H2 200 runtime-es2015.7ebbbeb42dfe32e5a8c9.js Show response
cibcfcibmiles.com/ 3 KB
4 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/runtime-es2015.7ebbbeb42dfe32e5a8c9.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

aecad62a4dbf7a5048d36eac2d68ceea32085a69415c760fe93217446053227b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-c36"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: I-U8JDRV7r80Bt8iyZe-74AhQQPqJJcuOxQQzpeWk2te0hCYuAUf7g==

GET
H2 200 polyfills-es2015.0e829e7d3592fcb6253b.js Show response
cibcfcibmiles.com/ 65 KB
27 KB 115ms
114ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/polyfills-es2015.0e829e7d3592fcb6253b.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0c9d24e6d8fbb159158363c6b8fed921df58efe25add722af753749c219c8e5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-105ab"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: KXm6MW9uXJz6xeZn7R7aEGpPIzfEkRpcAwz8eWz2NmRQ_mAouanu5A==

GET
H2 200 scripts.27f05f5a4fe426762608.js Show response
cibcfcibmiles.com/ 359 KB
128 KB 50ms
49ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/scripts.27f05f5a4fe426762608.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9f04f42586114f903d7c21872704a64cfe12c55925d0460e7529a7bcbaa130c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-59d94"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: UEfLPkvYQWpAYOATQ82-AMVsOz_o9Co6Owpxb_xo1mhd_pig0scHbw==

GET
H2 200 main-es2015.3a2ff7b5542964091ed3.js Show response
cibcfcibmiles.com/ 5 MB
1 MB 32ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

30ce89c37e7478808d7ca1a14735ab00243640e1251e1bea0e575d035dc36883

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-566b18"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: OekQy46cMFVA5-0arI8uY8uK56w6jq-BMYvzD5cUEpFzZOlBIC8JOA==

GET
H2 200 hotjar-1572141.js Show response
static.hotjar.com/c/ 4 KB
2 KB 59ms
19ms Script
application/javascript 52.85.61.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1572141.js?sv=6

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-35.ewr53.r.cloudfront.net

Software

Resource Hash

72a09e2cd2b061b271e723a7980b01294cc9494c659b4d19139ddf7719902acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1912
access-control-allow-origin: *
cache-control: max-age=60
etag: W/2c540b31078ea79772cc3db54c3ca174
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: 30N525xp5pszw5_BYRzrycdu0eY9OzlJgtSFjjV4V_SubgKyf6cT7g==

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 76ms
32ms Script
application/javascript 52.85.61.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1572141.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-25.ewr53.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1331271
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: EvpGK20mFufYk0zXbg3SOkpGp-YefDqUhAQhd4Uv9kG3MJ_fCBBiTQ==

GET datepicker.min.css
widget.bitacora.travel/vendor/air-datepicker/css/ 0
0

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame A344 2 KB
0 57ms
17ms Document
text/html 52.85.61.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1572141.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-112.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html
content-length: 1044
date: Sun, 20 Feb 2022 02:43:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Thu, 17 Feb 2022 14:12:00 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: hj0zBUgAZS4ivbc4E_jk71yA7DonOoP9xXxLZxth66UqSEGR4dZTuw==
age: 2909164

GET
H2 200 Primary Request / Show response
cibcfcibmiles.com/ 13 KB
5 KB 27ms
26ms Document
text/html 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ec30ee72b34739103b4fdc45571589ae8b3221da700f5230ba94bbb18e1db70b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html
date: Fri, 25 Mar 2022 18:49:57 GMT
server: nginx
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
etag: W/"62070f07-3392"
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: ZFdpZgSyhyevtkBrxYL83jqiUcIkxrRD4L6flwUafhsT-2WGDQn8rw==

GET en.json
cibcfcibmiles.com/assets/i18n/ 0
0

GET NovaeLooading-general.gif
cibcfcibmiles.com/assets/loader/ 0
0

GET icon-cibc.png
cibcfcibmiles.com/assets/images/cibc-miles/ 0
0

GET bg-sign.svg
cibcfcibmiles.com/assets/images/ 0
0

GET icons.ttf
cibcfcibmiles.com/assets/brand/fonts/ 0
0

GET icomoon.56d16df14b394ba8efd7.ttf
cibcfcibmiles.com/ 0
0

GET icomoon.c05319acd34608c11566.woff
cibcfcibmiles.com/ 0
0

GET icons.woff
cibcfcibmiles.com/assets/brand/fonts/ 0
0

GET
H2 200 styles.cb1299c1af804ea3c5ef.css
cibcfcibmiles.com/ 396 KB
83 KB 35ms
33ms Stylesheet
text/css 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/styles.cb1299c1af804ea3c5ef.css

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fdff3eaa89576dcaa7c6692632b16409d7a577297e24e963d93f261195e4a892

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-62e0b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: YMRdM7g5AZ_yTt2XSgfVRadYRtFQ-ueFuST7I-64_35IcRwUITckUA==

GET
H2 200 runtime-es2015.7ebbbeb42dfe32e5a8c9.js Show response
cibcfcibmiles.com/ 3 KB
4 KB 26ms
24ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/runtime-es2015.7ebbbeb42dfe32e5a8c9.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

aecad62a4dbf7a5048d36eac2d68ceea32085a69415c760fe93217446053227b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-c36"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 2V7_M247fDLYmxILIycTZCX4XcZ7x8oyHV3kMxbK2O2GG3_GGHUBlQ==

GET
H2 200 polyfills-es2015.0e829e7d3592fcb6253b.js Show response
cibcfcibmiles.com/ 65 KB
27 KB 27ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/polyfills-es2015.0e829e7d3592fcb6253b.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0c9d24e6d8fbb159158363c6b8fed921df58efe25add722af753749c219c8e5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-105ab"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: xuvaFU76s0TV6PJCE6arcwG8KUaunswc2YNhPTtzfFzyW9WMdONW0g==

GET
H2 200 scripts.27f05f5a4fe426762608.js Show response
cibcfcibmiles.com/ 359 KB
128 KB 108ms
107ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/scripts.27f05f5a4fe426762608.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9f04f42586114f903d7c21872704a64cfe12c55925d0460e7529a7bcbaa130c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-59d94"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: -qdFfVEqTCrFZf_T3uSm3hmLb1dsJT6LQ-iPSg3ifoDJSekkPB8k3A==

GET
H2 200 main-es2015.3a2ff7b5542964091ed3.js Show response
cibcfcibmiles.com/ 5 MB
1 MB 32ms
31ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

30ce89c37e7478808d7ca1a14735ab00243640e1251e1bea0e575d035dc36883

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-566b18"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: Zrfn6QTG9fbqiel0PSOoivkhWLcc3JgikhCDfzJrhj5uG_24aSA9xw==

GET
H2 200 hotjar-1572141.js Show response
static.hotjar.com/c/ 4 KB
2 KB 18ms
17ms Script
application/javascript 52.85.61.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1572141.js?sv=6

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-35.ewr53.r.cloudfront.net

Software

Resource Hash

72a09e2cd2b061b271e723a7980b01294cc9494c659b4d19139ddf7719902acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1912
access-control-allow-origin: *
cache-control: max-age=60
etag: W/2c540b31078ea79772cc3db54c3ca174
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: XuLL9Xh3XgQhcwkedS-j7L_P1lzxFXI5oTQ7wP7RSQncCOAXEZ1SPg==

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 20ms
20ms Script
application/javascript 52.85.61.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1572141.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-25.ewr53.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1331272
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TEI-pKwzhfxJE9taRk4ETU7mNNvYkbyUewFoZOByZI-HcjSI27mUEA==

GET datepicker.min.css
widget.bitacora.travel/vendor/air-datepicker/css/ 0
0

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 38B6 2 KB
1 KB 17ms
17ms Document
text/html 52.85.61.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1572141.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-112.ewr53.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html
content-length: 1044
date: Sun, 20 Feb 2022 02:43:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Thu, 17 Feb 2022 14:12:00 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: fUQgjC0zElAyDNjptnpuPg59oUgCUD9_MV7dY5KDuL_E-N4jBcpodg==
age: 2909165

GET
H2 200 en.json Show response
cibcfcibmiles.com/assets/i18n/cibc/ 110 KB
29 KB 29ms
29ms XHR
application/json 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/assets/i18n/cibc/en.json

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/polyfills-es2015.0e829e7d3592fcb6253b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0a1390773b5da9fb9da28a43210734923ee13b324dafa12894ed0f006474b813

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-1b64f"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: NiblrtFLfbq2_9cfP4ZhOQk0zsUr2iKjGgQNWuWE4fei2o7v_r4S1Q==

GET
H2 200 NovaeLooading-general.gif
cibcfcibmiles.com/assets/loader/ 878 KB
881 KB 26ms
26ms Image
image/gif 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/loader/NovaeLooading-general.gif

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

945d63ea6dc286d5d6de0d78b49beb636d823babd4fe36f7494b4c6e74becfa6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 899054
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-db7ee"
accept-ranges: bytes
x-amz-cf-id: SrQIxryjrZqBVHlxp1w26s0xPgx2Pe1b4B1_UtGH1O7h2E0fCOKztg==

GET
H2 200 icon-cibc.png
cibcfcibmiles.com/assets/images/cibc-miles/ 20 KB
22 KB 30ms
30ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/cibc-miles/icon-cibc.png

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8a2dfc4d3f9d5bbf213b9a8e39e579e97f155c35370b429e3f18c73722316c0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 20682
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-50ca"
accept-ranges: bytes
x-amz-cf-id: f_8JSjNa36VIhzLlVMeiq0X5IQEl8Dv6QDIQfa62PBnq8SedQ7yL4g==

GET
H2 200 bg-sign.svg
cibcfcibmiles.com/assets/images/ 708 B
3 KB 28ms
28ms Image
image/svg+xml 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/bg-sign.svg

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

23bbd8945ebfe12d275ae179175b6de34ccab6105197b8bbdd66701b8561523c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibcfcibmiles.com/
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 708
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-2c4"
accept-ranges: bytes
x-amz-cf-id: GWEXZdzMmuruQONf4K7g8i4CsC2g9cfPcTqQen56NMfngUYrPsrT6Q==

GET
H2 200 icons.ttf
cibcfcibmiles.com/assets/brand/fonts/ 57 KB
59 KB 34ms
33ms Font
application/octet-stream 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/assets/brand/fonts/icons.ttf?30ivlz

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/styles.cb1299c1af804ea3c5ef.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e89d1dbf733eb4602011ce483ef4f0f4c5759f835b682b800374fb4f5e98547c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 57892
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-e224"
accept-ranges: bytes
x-amz-cf-id: LvR3vEJKmJdaC5FU-7RZOA_I9usYqrRuZj82Ej37WJfFQor4zoA2dQ==

GET
H2 200 icomoon.56d16df14b394ba8efd7.ttf
cibcfcibmiles.com/ 13 KB
15 KB 29ms
29ms Font
application/octet-stream 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/icomoon.56d16df14b394ba8efd7.ttf?cm3ztk

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/styles.cb1299c1af804ea3c5ef.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

653fdc023e4cb0aab40cd367827ef396687bb13419c46794ed383547fed20bdb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 13124
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-3344"
accept-ranges: bytes
x-amz-cf-id: E10BIwyxASfbPgZ5emavoY4subAPyh2yzhVrWeLdSwcGSiXEXws-1A==

OPTIONS
H2 204 getallpropertiesbyapplicationidVS
universalws.cibcfcibmiles.com/v1/ Frame 0
0 96ms
51ms Preflight 52.85.61.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universalws.cibcfcibmiles.com/v1/getallpropertiesbyapplicationidVS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-20.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cibcfcibmiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 25 Mar 2022 18:49:58 GMT
server: nginx
access-control-max-age: 1728000
access-control-allow-origin: https://cibcfcibmiles.com
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-cache: Miss from cloudfront
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: hMsm4elvW4NilEwXyV-YA2p5hXMR8qeppayJndSRVZi88l6OYw3tEA==

POST
H2 200 getallpropertiesbyapplicationidVS Show response
universalws.cibcfcibmiles.com/v1/ 62 KB
63 KB 59ms
57ms XHR
application/json 52.85.61.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://universalws.cibcfcibmiles.com/v1/getallpropertiesbyapplicationidVS

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/polyfills-es2015.0e829e7d3592fcb6253b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-20.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e0147f59176de791b24577c97113c6a7ba545b0250028687348ebe792940fe1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Mar 2022 18:49:58 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://cibcfcibmiles.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Origin,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-amz-cf-id: KNm8BzrgY2vPfoaSFCbSeRovN4M9j_AJ7mgboIlMsZYboyN_-0Xicw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 NovaeLooading-general.gif
cibcfcibmiles.com/assets/loader/ 878 KB
881 KB 27ms
27ms Image
image/gif 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/loader/NovaeLooading-general.gif

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

945d63ea6dc286d5d6de0d78b49beb636d823babd4fe36f7494b4c6e74becfa6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 899054
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-db7ee"
accept-ranges: bytes
x-amz-cf-id: ayE0qvGcClCllsMo3l9_0iwYBJa6N-14DolPBz3xKArmd7KkyfLlcw==

GET
H2 200 cibc.css
cibcfcibmiles.com/assets/brand/styles/ 42 KB
12 KB 29ms
28ms Stylesheet
text/css 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/assets/brand/styles/cibc.css

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

889638b8c65d310b9a933373b2812397a01d4d3ea1a8260462566992b6e6fe52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-a9d3"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 2I-H3wURK46Bj5TkhdkWco_Bs073R-5POHa92AHgBNpsn5blCbpmFA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 78 KB
31 KB 103ms
52ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94cbb1a3eaecd981dddec78c1cf70adb6f0b5debcccc4f815689d6968e58929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31414
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Mar 2022 18:49:58 GMT

GET
H2 200 869-es2015.e3bac6c0168c0c07020b.js Show response
cibcfcibmiles.com/ 75 KB
19 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/869-es2015.e3bac6c0168c0c07020b.js

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/runtime-es2015.7ebbbeb42dfe32e5a8c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

bfcd2c7262704f64e60030cfb9d2d2a905cb7d93ef411c3b7b53eb30ab355596

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-12dc9"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: NgjtiVa_Fjx_mpIe1o_q03-WdvdGc6Qr4XIKw6feDUPfsUOll00TjA==

GET
H2 200 slider.json Show response
cibcfcibmiles.com/assets/data/ 17 KB
3 KB 27ms
26ms XHR
application/json 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/assets/data/slider.json

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/polyfills-es2015.0e829e7d3592fcb6253b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

d7b111f20cfb1c936139ab31eba784db450ae7d14bdfd22328edae3348987df2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-44d6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: j27t3SgHqQNHLR5FurD_QHmELZx4bfpbaMhB17aoeNgRQYsWlYHeKg==

GET
H2 200 / Show response
travel.cibcfcibmiles.com/flights/ Frame 6560 102 KB
24 KB 746ms
92ms Document
text/html 64.76.235.73
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.cibcfcibmiles.com/flights/?idioma=en

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.76.235.73 , United States, ASN3549 (LVLT-3549, US),

Reverse DNS

64.76.235.73-static.reverse.ejuniper.com

Software

/ IT Team

Resource Hash

02a4e091ba452b8dfd36db8cf6309a6384f3c7877d29213ec5709cb572f0ea43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.allegra.tech https://.iatairewards.com https://.go2redeem.com go2redeem.com viajes.allegrarewards.com https://.cibcfcibmiles.com cibcfcibmiles.com https://.ncbmiles.com ncbmiles.com https://.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://.viajesbaccredomatic.com https://.baccredomatic.com https://apap-rewards.com https://.apap-rewards.com https://.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

cache-control: private
content-length: 22525
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
access-control-allow-origin: *
content-security-policy: frame-ancestors https://*.allegra.tech https://*.iatairewards.com https://*.go2redeem.com go2redeem.com viajes.allegrarewards.com https://*.cibcfcibmiles.com cibcfcibmiles.com https://*.ncbmiles.com ncbmiles.com https://*.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://*.viajesbaccredomatic.com https://*.baccredomatic.com https://apap-rewards.com https://*.apap-rewards.com https://*.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
x-powered-by: IT Team
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
date: Fri, 25 Mar 2022 18:49:59 GMT

GET
H2 200 bg-ncb.png
cibcfcibmiles.com/assets/images/ 90 KB
92 KB 36ms
35ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/bg-ncb.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

15a3b13fe650dcee816c3e99f12579130bfb97c7a6857d0aaa0a3e853715c4eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 91682
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-16622"
accept-ranges: bytes
x-amz-cf-id: XBSIodxbPrYEAcfzC8l80p2q_uC45AJV7cILwLE28uoopy_VDUqEFQ==

GET
H2 200 logo-footer.png
cibcfcibmiles.com/assets/images/cibc-miles/ 11 KB
13 KB 38ms
37ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/cibc-miles/logo-footer.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

3fa5c9c3de640b68d97da2be52bc5b324b0e98039996618c5dc35b49a190e03c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 11710
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-2dbe"
accept-ranges: bytes
x-amz-cf-id: Q2BGCBTldGiqchxlIbS1RRsasKf0JLCjXcJPjXiF1zI8jXGrPS_JcQ==

GET
H2 200 NovaeLooading-travel.gif
cibcfcibmiles.com/assets/loader/ 424 KB
427 KB 38ms
38ms Image
image/gif 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/loader/NovaeLooading-travel.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

829cae1e7ecbbc5d28f32212f38a55a78c904b7b4f3e7ef64a6dfac708337bf3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 434632
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-6a1c8"
accept-ranges: bytes
x-amz-cf-id: Sb2DVFmPSERcw_xlrFxwiOpaMIn0-ZPvtSMAvb-6Mn5SXGx2sNNv3A==

GET
H2 200 img-promociones-fort-01.jpg
cibcfcibmiles.com/assets/images/promo/ 1 MB
1 MB 40ms
39ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-fort-01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7a7baeda4e1558db54a3a879c9f1d3497defbe4a8c313f11e1b1819af93a9391

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 1113719
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-10fe77"
accept-ranges: bytes
x-amz-cf-id: jATg_aVx-C05OoFf3ndGCwG9dqRU9_Kr00-zjNK8WfaFPjK8LG6OGw==

GET
H2 200 img-promociones-miami-01.jpg
cibcfcibmiles.com/assets/images/promo/ 81 KB
83 KB 52ms
51ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-miami-01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

05a49db9f26c1949986bb7f3d04ac3912926f58187b68a125b5d351ab8356a26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 82895
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-143cf"
accept-ranges: bytes
x-amz-cf-id: G_ajvAAgYTffhqAVfZA0clCdtldfZ9SFV21eYUp4B6l2vNHBxOZEcw==

GET
H2 200 img-promociones-newyork-01.jpg
cibcfcibmiles.com/assets/images/promo/ 138 KB
140 KB 42ms
42ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-newyork-01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5eac289860b491f0d9faaae3b849e6f1fcf0093c6b36181fe82033cb7ed91a9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 141295
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-227ef"
accept-ranges: bytes
x-amz-cf-id: e22sAb601_Z5uKC_5oe3ChH8ch9AbZvtwBhzqWQ5vGtu9hvOXMgHvA==

GET
H2 200 img-promociones-toronto-01.jpg
cibcfcibmiles.com/assets/images/promo/ 1 MB
1 MB 55ms
55ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-toronto-01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0fa8d54f7e3f3f058d392d57d9296b096567bd6d5eeac9085b888948ec664048

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 1233198
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-12d12e"
accept-ranges: bytes
x-amz-cf-id: YVKydTkIv91X1aRI3rynsXM9TReL-ekMYOYw6z1qinWcTJPHy37mRg==

GET
DATA 200
OK truncated
/ 150 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 img-promociones-fort-02.jpg
cibcfcibmiles.com/assets/images/promo/ 950 KB
953 KB 64ms
63ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-fort-02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fe5029f69a5a4b2d30a509057c4058284ffd5f1eecc125644596c2df2af6ef26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 972402
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-ed672"
accept-ranges: bytes
x-amz-cf-id: vyFA3QsU6KtBzALxg1wWni9yD28Lu4aHtURkVN2adg9r_HYwqzQ4ig==

GET
H2 200 img-promociones-miami-02.jpg
cibcfcibmiles.com/assets/images/promo/ 1 MB
1 MB 194ms
193ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-miami-02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8d94099b0f42fd52830fc74a542d4231cfdd124ca6be7ab8efc2bf5dbd5d3f09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 1349960
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-149948"
accept-ranges: bytes
x-amz-cf-id: LPWw9v9CszsOg-xpYIVGxuFIgeIRKw5rNGhfh0_1Dkkqi4VBx4uv7A==

GET
H2 200 img-promociones-newyork-02.jpg
cibcfcibmiles.com/assets/images/promo/ 4 MB
4 MB 64ms
63ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-newyork-02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

6999fdc9609efdc547019029280ce7f9b77175a577247bd07e0d25172e769b2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 3937687
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-3c1597"
accept-ranges: bytes
x-amz-cf-id: 2xKR0Jebb-y9M8xolcGlhFNcuD21jnf-ckFafMDprvcO6wMZieUiHA==

GET
H2 200 bg-logo-header.svg
cibcfcibmiles.com/assets/images/ 925 B
3 KB 182ms
166ms Image
image/svg+xml 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/bg-logo-header.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c3c68276f37888b2095bd3e02cd0ccddbdd94de0ce2530a3cf70655a3d9f12a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibcfcibmiles.com/
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 925
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-39d"
accept-ranges: bytes
x-amz-cf-id: Aei4b1xTOUDSh6KQxkmCsnra2aLneBbEbm49x2cCe8kki8XiKjqnbQ==

GET
H2 200 logo-cibc.svg
cibcfcibmiles.com/assets/images/cibc-miles/ 16 KB
19 KB 184ms
159ms Image
image/svg+xml 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/cibc-miles/logo-cibc.svg

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/brand/styles/cibc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

516fd9b1bdd0829544cefbf49edd287ac7d6b7976edeae62b1913c81ae039e7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 16892
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-41fc"
accept-ranges: bytes
x-amz-cf-id: MJkUJEEH1doCJ4k3FjeCn3pv8sPKbLFCjXqEE5wCmupHUEgTkg1QiA==

GET
H2 200 NunitoSans-Regular.ttf
cibcfcibmiles.com/assets/brand/fonts/ 89 KB
91 KB 170ms
155ms Font
application/octet-stream 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/assets/brand/fonts/NunitoSans-Regular.ttf

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/brand/styles/cibc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

13ad641781e6dd5f2134fcfc9b1589e3c66902b69ccbb68b74d3bd139c1e324e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 91460
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-16544"
accept-ranges: bytes
x-amz-cf-id: rEM0vkaWA7SqpE1ebqEWu6TmWuxAMitMTTCUQwOC3jOdyGhrEVSb1g==

GET
H2 200 NunitoSans-ExtraBold.ttf
cibcfcibmiles.com/assets/brand/fonts/ 90 KB
92 KB 170ms
155ms Font
application/octet-stream 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/assets/brand/fonts/NunitoSans-ExtraBold.ttf

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/brand/styles/cibc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

542d03237568982513ab4ba62f156d113a06a70dc0ac98e757de8ffa238dad07

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 92228
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-16844"
accept-ranges: bytes
x-amz-cf-id: VWS2pguP_fibA50UNzYNasWYPD_TU6_t_rWbsDs4ojtCGPCQhyZoww==

GET
H2 200 NunitoSans-Bold.ttf
cibcfcibmiles.com/assets/brand/fonts/ 91 KB
93 KB 174ms
159ms Font
application/octet-stream 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/assets/brand/fonts/NunitoSans-Bold.ttf

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/brand/styles/cibc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c571ae34f387c9b81381036896ea4f6c438f76282846bd3f0ebe159bb510018d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 93000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-16b48"
accept-ranges: bytes
x-amz-cf-id: sRBdTF56815DFl8sPz2b9H8YjyvxUmhb1SYQmi9svsfCOpbyIKm0Zg==

GET
H2 200 NunitoSans-Light.ttf
cibcfcibmiles.com/assets/brand/fonts/ 88 KB
90 KB 171ms
157ms Font
application/octet-stream 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/assets/brand/fonts/NunitoSans-Light.ttf

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/brand/styles/cibc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

29fb8b9658ff2ad79baac247b2fb3a1080dc8914011502e95d76c275317b63d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 89764
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-15ea4"
accept-ranges: bytes
x-amz-cf-id: YA6iimd5zdM3HHm1vfzfz7KwQC_Jfur3jIVRM1Od6GAmQks8_niylQ==

GET
H2 200 fondo1.png
cibcfcibmiles.com/assets/images/slide-cibc/ 447 KB
450 KB 144ms
141ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/slide-cibc/fondo1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e777ed383707256ba3cfab24b9c3bb5160e4427c15f4bebc92f43e105eabb3a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 458095
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-6fd6f"
accept-ranges: bytes
x-amz-cf-id: j1Ahkq8qaPxCw5QwuqaqhDWkkgdyGs-cDHGlDwj8XGuAB9qKShKwjA==

GET
H2 200 fondo2.png
cibcfcibmiles.com/assets/images/slide-cibc/ 461 KB
463 KB 140ms
138ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/slide-cibc/fondo2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c363fc5575918f22b56b0fa54fa11165ca0a620f830cd353bd37d81af325c2c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 471823
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-7330f"
accept-ranges: bytes
x-amz-cf-id: t4FO9bgK-BX21NAwaAMIgO2Vp61jGVYmE4uMdQtYoafu5qzMp3eUPA==

GET
H2 200 fondo3.png
cibcfcibmiles.com/assets/images/slide-cibc/ 475 KB
477 KB 160ms
158ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/slide-cibc/fondo3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

245be4b2113c03a2a8509cb4405b6f6d20ce3dc4077119039b4a2b5b344e2b99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 486075
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-76abb"
accept-ranges: bytes
x-amz-cf-id: gx1fYyAjOK0PU-HYWv4kOoLRIelSwkGLkgdLTtTZJNNS_jONsOyujg==

GET
H2 200 fondo4.png
cibcfcibmiles.com/assets/images/slide-cibc/ 491 KB
493 KB 188ms
186ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/slide-cibc/fondo4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

cc9e08e6e5af3bd93f0a68b1d10ccd5923cbf42ffb0a54ccf9166a5587e22918

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 502350
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-7aa4e"
accept-ranges: bytes
x-amz-cf-id: xGfWGIMdUSK0SmZonCVC8YddcKfhLuBsvIx7FhXL0RIIqvh1XcTfYw==

GET
H2 200 fondo5.png
cibcfcibmiles.com/assets/images/slide-cibc/ 561 KB
564 KB 148ms
146ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/slide-cibc/fondo5.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

6b9f92001dffef5cc30e354250b69810699d542a16e828ddcfc4059ea22d26bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 574475
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-8c40b"
accept-ranges: bytes
x-amz-cf-id: 3jc7aSlNvsvQQ66Nru0sJudAFGNKp4563gqbY0Pk43GQltfd89-WtQ==

GET
H2 200 bg-logo-header.svg
cibcfcibmiles.com/assets/images/ 925 B
3 KB 48ms
47ms Image
image/svg+xml 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/bg-logo-header.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c3c68276f37888b2095bd3e02cd0ccddbdd94de0ce2530a3cf70655a3d9f12a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cibcfcibmiles.com/
Origin: https://cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 925
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-39d"
accept-ranges: bytes
x-amz-cf-id: LWeReJFKqs2Xdj90aad0Tn7Z4GYN3h1Qfs4yELqWZibfbcaLDxvTrQ==

GET
H2 200 img-promociones-fort-01.jpg
cibcfcibmiles.com/assets/images/promo/ 1 MB
1 MB 47ms
45ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-fort-01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7a7baeda4e1558db54a3a879c9f1d3497defbe4a8c313f11e1b1819af93a9391

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 1113719
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-10fe77"
accept-ranges: bytes
x-amz-cf-id: Ni5-FoEhgKuN7Cr2TMLel6WBCfhXGFbNkiStDOw6WTInmxtqGE0ICw==

GET
H2 200 img-promociones-miami-01.jpg
cibcfcibmiles.com/assets/images/promo/ 81 KB
83 KB 73ms
72ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-miami-01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

05a49db9f26c1949986bb7f3d04ac3912926f58187b68a125b5d351ab8356a26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 82895
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-143cf"
accept-ranges: bytes
x-amz-cf-id: EKE_DUvS6szDErGtBajL3Iv_oD9zyVSpBI0pSiJio7SH0A1wKNojLw==

GET
H2 200 img-promociones-newyork-01.jpg
cibcfcibmiles.com/assets/images/promo/ 138 KB
140 KB 78ms
77ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-newyork-01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5eac289860b491f0d9faaae3b849e6f1fcf0093c6b36181fe82033cb7ed91a9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 141295
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-227ef"
accept-ranges: bytes
x-amz-cf-id: lEeNGReuECZh7s35kfb1j0e9DkT-85SfEyr1vXBEQy4OcWGFLzLGcQ==

GET
H2 200 img-promociones-toronto-01.jpg
cibcfcibmiles.com/assets/images/promo/ 1 MB
1 MB 74ms
73ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-toronto-01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0fa8d54f7e3f3f058d392d57d9296b096567bd6d5eeac9085b888948ec664048

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 1233198
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-12d12e"
accept-ranges: bytes
x-amz-cf-id: 0Pow5BdM0f_qtfhqAU2Ko9wknMrYAR9B5EdFmKrJlcJf321KxCGrJw==

GET
H2 200 img-promociones-fort-02.jpg
cibcfcibmiles.com/assets/images/promo/ 950 KB
953 KB 40ms
40ms Image
image/jpeg 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cibcfcibmiles.com/assets/images/promo/img-promociones-fort-02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fe5029f69a5a4b2d30a509057c4058284ffd5f1eecc125644596c2df2af6ef26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cibcfcibmiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 972402
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
etag: "62070f07-ed672"
accept-ranges: bytes
x-amz-cf-id: XvcDYkDciFmaBLYZ1aLWBa3mg0feU3RaUrZmfYkATH84TIUwClNf6g==

GET
H2 200 main.min.css
travel.cibcfcibmiles.com/resources/0301A5B492463C130DA87F989282AB9A/dist/Web/css/ Frame 6560 396 KB
80 KB 49ms
49ms Stylesheet
text/css 64.76.235.73
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.cibcfcibmiles.com/resources/0301A5B492463C130DA87F989282AB9A/dist/Web/css/main.min.css

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.76.235.73 , United States, ASN3549 (LVLT-3549, US),

Reverse DNS

64.76.235.73-static.reverse.ejuniper.com

Software

/ IT Team

Resource Hash

86f530a1311315ae5bb3c95f04819ba52dfe4932a2fab3a7a9adaaec267685c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.allegra.tech https://.iatairewards.com https://.go2redeem.com go2redeem.com viajes.allegrarewards.com https://.cibcfcibmiles.com cibcfcibmiles.com https://.ncbmiles.com ncbmiles.com https://.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://.viajesbaccredomatic.com https://.baccredomatic.com https://apap-rewards.com https://.apap-rewards.com https://.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://*.allegra.tech https://*.iatairewards.com https://*.go2redeem.com go2redeem.com viajes.allegrarewards.com https://*.cibcfcibmiles.com cibcfcibmiles.com https://*.ncbmiles.com ncbmiles.com https://*.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://*.viajesbaccredomatic.com https://*.baccredomatic.com https://apap-rewards.com https://*.apap-rewards.com https://*.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: IT Team
vary: Accept-Encoding
content-length: 82004
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Mar 2022 12:17:59 GMT
date: Fri, 25 Mar 2022 18:49:59 GMT
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H/1.1 200
OK travel-app.png
s3.us-east-2.amazonaws.com/prodalleimages.alle2020.com/myrewards-v2/ Frame 6560 367 KB
367 KB 163ms
56ms Image
image/png 52.219.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/prodalleimages.alle2020.com/myrewards-v2/travel-app.png
Requested by: Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.101.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a2017ecf9802db3f3095ed96372862d729c5baf9dbc12a9d9fa7c5064536b29d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 18:50:00 GMT
Last-Modified: Sat, 24 Oct 2020 03:26:50 GMT
Server: AmazonS3
x-amz-request-id: S8TD3YF15J792DMP
ETag: "e7fb237cab2d9164c648ba2aef43f365"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 375619
x-amz-id-2: vjbdnJb09T9AmJXyoaFV5KXg492gujB+NVHxG5GpiH9gIQGQMZPtsnjWcvAiLmXJlWx+NEXYrXw=

GET
H2 200 i18n.tags.en.min.js Show response
travel.cibcfcibmiles.com/resources/C0AE25CDAAACF2DEC7CCC684F5B7F3D6/i18n/ Frame 6560 24 KB
8 KB 75ms
75ms Script
application/javascript 64.76.235.73
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.cibcfcibmiles.com/resources/C0AE25CDAAACF2DEC7CCC684F5B7F3D6/i18n/i18n.tags.en.min.js

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.76.235.73 , United States, ASN3549 (LVLT-3549, US),

Reverse DNS

64.76.235.73-static.reverse.ejuniper.com

Software

/ IT Team

Resource Hash

f3ae0146c0c0ef2fa275f31f24ae49973f7011ec16badafe810b131ceb34d651

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.allegra.tech https://.iatairewards.com https://.go2redeem.com go2redeem.com viajes.allegrarewards.com https://.cibcfcibmiles.com cibcfcibmiles.com https://.ncbmiles.com ncbmiles.com https://.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://.viajesbaccredomatic.com https://.baccredomatic.com https://apap-rewards.com https://.apap-rewards.com https://.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://*.allegra.tech https://*.iatairewards.com https://*.go2redeem.com go2redeem.com viajes.allegrarewards.com https://*.cibcfcibmiles.com cibcfcibmiles.com https://*.ncbmiles.com ncbmiles.com https://*.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://*.viajesbaccredomatic.com https://*.baccredomatic.com https://apap-rewards.com https://*.apap-rewards.com https://*.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: IT Team
vary: Accept-Encoding
content-length: 8445
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Mar 2022 12:18:15 GMT
date: Fri, 25 Mar 2022 18:50:00 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 base.min.js Show response
travel.cibcfcibmiles.com/resources/8DCC8B98FBFBF7361C7A844CF59A4AC9/js/bundles/ Frame 6560 501 KB
185 KB 51ms
51ms Script
application/javascript 64.76.235.73
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.cibcfcibmiles.com/resources/8DCC8B98FBFBF7361C7A844CF59A4AC9/js/bundles/base.min.js

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.76.235.73 , United States, ASN3549 (LVLT-3549, US),

Reverse DNS

64.76.235.73-static.reverse.ejuniper.com

Software

/ IT Team

Resource Hash

571ff0b1004ba207916eae3e5563b3d19a02064736d885613145ffd34051a5af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.allegra.tech https://.iatairewards.com https://.go2redeem.com go2redeem.com viajes.allegrarewards.com https://.cibcfcibmiles.com cibcfcibmiles.com https://.ncbmiles.com ncbmiles.com https://.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://.viajesbaccredomatic.com https://.baccredomatic.com https://apap-rewards.com https://.apap-rewards.com https://.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://*.allegra.tech https://*.iatairewards.com https://*.go2redeem.com go2redeem.com viajes.allegrarewards.com https://*.cibcfcibmiles.com cibcfcibmiles.com https://*.ncbmiles.com ncbmiles.com https://*.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://*.viajesbaccredomatic.com https://*.baccredomatic.com https://apap-rewards.com https://*.apap-rewards.com https://*.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: IT Team
vary: Accept-Encoding
content-length: 189155
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Mar 2022 12:18:15 GMT
date: Fri, 25 Mar 2022 18:50:00 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 ctlSearchLinks.min.js Show response
travel.cibcfcibmiles.com/resources/8122694D10DC2E95AE1446FBA636E0CB/include/ctlSearchLinks/js/ Frame 6560 2 KB
991 B 546ms
544ms Script
application/javascript 64.76.235.73
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.cibcfcibmiles.com/resources/8122694D10DC2E95AE1446FBA636E0CB/include/ctlSearchLinks/js/ctlSearchLinks.min.js

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.76.235.73 , United States, ASN3549 (LVLT-3549, US),

Reverse DNS

64.76.235.73-static.reverse.ejuniper.com

Software

/ IT Team

Resource Hash

aa1a2419b9b615852c58b83b7cdf67ca3eb6b8a1aba41e59ca01d41ebd58cc51

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.allegra.tech https://.iatairewards.com https://.go2redeem.com go2redeem.com viajes.allegrarewards.com https://.cibcfcibmiles.com cibcfcibmiles.com https://.ncbmiles.com ncbmiles.com https://.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://.viajesbaccredomatic.com https://.baccredomatic.com https://apap-rewards.com https://.apap-rewards.com https://.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://*.allegra.tech https://*.iatairewards.com https://*.go2redeem.com go2redeem.com viajes.allegrarewards.com https://*.cibcfcibmiles.com cibcfcibmiles.com https://*.ncbmiles.com ncbmiles.com https://*.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://*.viajesbaccredomatic.com https://*.baccredomatic.com https://apap-rewards.com https://*.apap-rewards.com https://*.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: IT Team
vary: Accept-Encoding
content-length: 942
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Mar 2022 12:18:15 GMT
date: Fri, 25 Mar 2022 18:50:00 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 home.min.js Show response
travel.cibcfcibmiles.com/resources/4D38B682BE15D8E85D85D5F8F90BCC1F/js/bundles/ Frame 6560 539 B
449 B 547ms
544ms Script
application/javascript 64.76.235.73
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.cibcfcibmiles.com/resources/4D38B682BE15D8E85D85D5F8F90BCC1F/js/bundles/home.min.js

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.76.235.73 , United States, ASN3549 (LVLT-3549, US),

Reverse DNS

64.76.235.73-static.reverse.ejuniper.com

Software

/ IT Team

Resource Hash

51d6932b261f9d4054aa9d4e268841011b5745bac57e608845e73ee079238852

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.allegra.tech https://.iatairewards.com https://.go2redeem.com go2redeem.com viajes.allegrarewards.com https://.cibcfcibmiles.com cibcfcibmiles.com https://.ncbmiles.com ncbmiles.com https://.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://.viajesbaccredomatic.com https://.baccredomatic.com https://apap-rewards.com https://.apap-rewards.com https://.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://*.allegra.tech https://*.iatairewards.com https://*.go2redeem.com go2redeem.com viajes.allegrarewards.com https://*.cibcfcibmiles.com cibcfcibmiles.com https://*.ncbmiles.com ncbmiles.com https://*.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://*.viajesbaccredomatic.com https://*.baccredomatic.com https://apap-rewards.com https://*.apap-rewards.com https://*.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: IT Team
vary: Accept-Encoding
content-length: 401
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Mar 2022 12:18:15 GMT
date: Fri, 25 Mar 2022 18:50:00 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

GET
H2 200 searcher.min.js Show response
travel.cibcfcibmiles.com/resources/76978DEEDD1D6FA612295DE67606F33E/js/bundles/ Frame 6560 37 KB
11 KB 547ms
545ms Script
application/javascript 64.76.235.73
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.cibcfcibmiles.com/resources/76978DEEDD1D6FA612295DE67606F33E/js/bundles/searcher.min.js

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.76.235.73 , United States, ASN3549 (LVLT-3549, US),

Reverse DNS

64.76.235.73-static.reverse.ejuniper.com

Software

/ IT Team

Resource Hash

bfe25e9ed52a3a7390f3222ed0b78f51fc34fe1661db26a5ea471ab61129a69f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.allegra.tech https://.iatairewards.com https://.go2redeem.com go2redeem.com viajes.allegrarewards.com https://.cibcfcibmiles.com cibcfcibmiles.com https://.ncbmiles.com ncbmiles.com https://.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://.viajesbaccredomatic.com https://.baccredomatic.com https://apap-rewards.com https://.apap-rewards.com https://.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://*.allegra.tech https://*.iatairewards.com https://*.go2redeem.com go2redeem.com viajes.allegrarewards.com https://*.cibcfcibmiles.com cibcfcibmiles.com https://*.ncbmiles.com ncbmiles.com https://*.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://*.viajesbaccredomatic.com https://*.baccredomatic.com https://apap-rewards.com https://*.apap-rewards.com https://*.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: IT Team
vary: Accept-Encoding
content-length: 11180
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Mar 2022 12:18:15 GMT
date: Fri, 25 Mar 2022 18:50:00 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/cibc-699fc/ Frame 0
0 85ms
38ms Preflight
text/html 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/cibc-699fc/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://cibcfcibmiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://cibcfcibmiles.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Fri, 25 Mar 2022 18:49:59 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/cibc-699fc/ 579 B
478 B 155ms
127ms Fetch
application/json 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/cibc-699fc/installations

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/polyfills-es2015.0e829e7d3592fcb6253b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98c89cfbfbe494d731664dd5054ca1acda729e0f4ef1f658880ed056caa1b10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer
x-goog-api-key: AIzaSyD-uqIysc8F8vLDtlJ9sU5XYW8qnIT9G_Q
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Fri, 25 Mar 2022 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cibcfcibmiles.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 455
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
56 KB 35ms
34ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SK3VNFNXHW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8f71650870d97cdccd6b4794344502711fc6c6879b8901e934d24176039bd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57574
x-xss-protection: 0
expires: Fri, 25 Mar 2022 18:49:59 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
348 B 83ms
32ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SK3VNFNXHW&gtm=2oe3e0&_p=122874927&sr=1600x1200&ul=en-us&_fid=d1-jGByXWO_z4xd5sP0TBm&cid=627250425.1648234200&_s=1&dl=https%3A%2F%2Fcibcfcibmiles.com%2F&dt=My%20Rewards&sid=1648234199&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK3VNFNXHW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 18:50:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cibcfcibmiles.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 101ms
24ms Script
application/javascript 208.89.12.153
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=46543114

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lptag.liveperson.net

Software

ws /

Resource Hash

145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/ 280 KB
102 KB 39ms
39ms Script
application/x-javascript 208.89.12.153
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/main-es2015.3a2ff7b5542964091ed3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lptag.liveperson.net

Software

ws /

Resource Hash

c45c5771f2d0618f99764e3d26f9538a4811f82842dd5ced90a824936bc6683b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 hotjar-1359146.js Show response
static.hotjar.com/c/ Frame 6560 4 KB
2 KB 19ms
18ms Script
application/javascript 52.85.61.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1359146.js?sv=6

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-35.ewr53.r.cloudfront.net

Software

Resource Hash

2dfd7286cac1ca92c049489bd3e3430f72a5223dd83aab3e5884b13801e165ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1910
access-control-allow-origin: *
x-cache-hit: 1
etag: W/4c04b7529809a94f34cce045ce5df6cf
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: H0CVsRuG5CQ48MVQdOYsl7GzJP3i5rv6c-kYu0N0z9AZqq7S-r_42Q==

GET
H2 200 iconI.woff2
travel.cibcfcibmiles.com/fonts/icon/iconI/ Frame 6560 15 KB
15 KB 537ms
537ms Font
application/font-woff2 64.76.235.73
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.cibcfcibmiles.com/fonts/icon/iconI/iconI.woff2

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/resources/0301A5B492463C130DA87F989282AB9A/dist/Web/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.76.235.73 , United States, ASN3549 (LVLT-3549, US),

Reverse DNS

64.76.235.73-static.reverse.ejuniper.com

Software

/ IT Team

Resource Hash

76432b02a931390985e0da1f4adcc6b7d2a44387d518c094002da4746a79ffcc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.allegra.tech https://.iatairewards.com https://.go2redeem.com go2redeem.com viajes.allegrarewards.com https://.cibcfcibmiles.com cibcfcibmiles.com https://.ncbmiles.com ncbmiles.com https://.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://.viajesbaccredomatic.com https://.baccredomatic.com https://apap-rewards.com https://.apap-rewards.com https://.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travel.cibcfcibmiles.com/resources/0301A5B492463C130DA87F989282AB9A/dist/Web/css/main.min.css
Origin: https://travel.cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://*.allegra.tech https://*.iatairewards.com https://*.go2redeem.com go2redeem.com viajes.allegrarewards.com https://*.cibcfcibmiles.com cibcfcibmiles.com https://*.ncbmiles.com ncbmiles.com https://*.myfcrewards.com myfcrewards.com https://fixedrates.scotia-rewards.com https://travel.apap-rewards.com https://uat.scotia-rewards.com https://uatlifemiles.allegra.tech https://lifemiles.net https://lifemiles.com https://morefares.lifemiles.com https://morefares.lifemiles.net https://travel.baccredomatic.voyage https://baccredomatic.voyage https://scotia-rewards.com https://uatbaccredomatic.allegra.tech https://cibcfcibmiles.com https://*.viajesbaccredomatic.com https://*.baccredomatic.com https://apap-rewards.com https://*.apap-rewards.com https://*.myrewardsapap.com https://myrewardsapap.com https://myrewardsgobipuntos.com https://travel.myrewardsgobipuntos.com https://www.lifemiles.com https://lifemiles.net https://travel.lifemiles.net https://travel.lifemiles.com https://offlinetravel.allegra.tech 'self'
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Mar 2022 12:14:49 GMT
x-powered-by: IT Team
strict-transport-security: max-age=31536000
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=2592000
date: Fri, 25 Mar 2022 18:50:00 GMT
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 15480
x-xss-protection: 1; mode=block

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ Frame 6560 236 KB
62 KB 20ms
19ms Script
application/javascript 52.85.61.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1359146.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-25.ewr53.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1331274
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zTz_T68R0jLpVFbjpVvvsa2efuAFwEG5SI-zyZliCP7eCWFKffQ0HQ==

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/46543114/configuration/setting/accountproperties/ 6 KB
2 KB 127ms
51ms Script
application/javascript 208.89.12.91
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/46543114/configuration/setting/accountproperties/?cb=lpCb12514x37734

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

4709e23e7f78f26406956e5915d58ab3db3f6e3e5a0f6da4afb6656dfd2977ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 2
expires: Fri, 25 Mar 2022 18:51:00 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/46543114/configuration/le-campaigns/ 2 KB
707 B 99ms
29ms Script
application/javascript 208.89.12.91
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/46543114/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

db618f11ce819be858b45b4881f137b3092e041c234df464584939a86a488151

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Fri, 25 Mar 2022 18:51:00 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ Frame C8D9 39 KB
16 KB 207ms
110ms Document
text/html 208.89.12.90
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fcibcfcibmiles.com&site=46543114&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Fri, 25 Mar 2022 18:50:00 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:21 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 25 Mar 2022 19:00:00 GMT
cache-control: max-age=600

GET
H2 200 widget.iframe_alletravel.js Show response
cibcfcibmiles.com/js/ Frame 6560 42 KB
12 KB 68ms
29ms XHR
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/js/widget.iframe_alletravel.js

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7423f4da22d73a00e2e8a9a9fb99595f650e4691c2ba310c22b70fa37d1f516b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-a8c6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: Y0b4JqPremfapFOFERgMY44Aco1UX_1K_5nVwK6mgJ008wPKxSVDEw==

GET
H2 200 widget.iframe_alletravel.js Show response
cibcfcibmiles.com/js/ Frame 6560 42 KB
12 KB 27ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cibcfcibmiles.com/js/widget.iframe_alletravel.js

Requested by

Host: travel.cibcfcibmiles.com
URL: https://travel.cibcfcibmiles.com/flights/?idioma=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7423f4da22d73a00e2e8a9a9fb99595f650e4691c2ba310c22b70fa37d1f516b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Sat, 12 Feb 2022 01:36:07 GMT
server: nginx
etag: W/"62070f07-a8c6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
permissions-policy: camera=(), fullscreen=(), geolocation=(), microphone=(), payment=(), usb=()
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.go2redeem.com *.cibcfcibmiles.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 8v5PjYOBoF4z2ZZDYtbTZmTbBkT5BGEUgaZsarPqvcjEtNobhHaqtg==

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 013F 2 KB
1 KB 17ms
17ms Document
text/html 52.85.61.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1359146.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-112.ewr53.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en

Response headers

content-type: text/html
content-length: 1044
date: Sun, 20 Feb 2022 02:43:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Thu, 17 Feb 2022 14:12:00 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: 8nqQoLPaB3hhDDF8iHx2hQX6sT1OArSUsIk_WJJPSp58ZhgRWgVGZw==
age: 2909168

GET
H2 200 / Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 2 KB
3 KB 48ms
46ms Document
text/html 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/

Requested by

Host: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/js/widget.iframe_alletravel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

91014c308fcb40b4cdfdff2eea60932b396c8ede6af2c4bf96271a8f2258a8bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en

Response headers

content-type: text/html
date: Fri, 25 Mar 2022 18:50:01 GMT
server: nginx
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
etag: W/"61ba7ce9-66f"
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: mdsjcELvcl4gh33qTGH5IR8NJQOm0QzFnKjwzfHqg3wwKsDQ7wbzAg==

GET
H2 200 tutorial-SlideOP_EN.gif
ifupperclub.cibcfcibmiles.com/assets/img/loaders/ Frame 6560 1 MB
1 MB 55ms
54ms Image
image/gif 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ifupperclub.cibcfcibmiles.com/assets/img/loaders/tutorial-SlideOP_EN.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fd680cee2be4bba3af8662239a9640bacf37a94ca07cc4494b96933ca16ebb6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://travel.cibcfcibmiles.com/flights/?idioma=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 1298979
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
date: Fri, 25 Mar 2022 18:50:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: image/gif
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
etag: "61ba7ce8-13d223"
accept-ranges: bytes
x-amz-cf-id: bce6EJBZTsazKFNLP2FxbOOQ9jgVxdBD4hvoBriDLMYB1P_MAYohRA==

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ 38 KB
15 KB 48ms
48ms Script
application/javascript 208.89.12.90
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fcibcfcibmiles.com&site=46543114&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
last-modified: Fri, 05 Nov 2021 13:34:21 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Mar 2022 19:00:01 GMT

GET
H2 200 46543114 Show response
lo.v.liveperson.net/api/js/ 632 B
1 KB 531ms
180ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/46543114?&cb=lpCb92207x50192&t=sp&ts=1648234200322&pid=5532043920&tid=9912227983&pt=My%20Rewards&u=https%3A%2F%2Fcibcfcibmiles.com%2F%23%2Ftravel&sec=%5B%22cibc%22%5D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: d1a10b36947341679208c391fb29304c2a62c08ef5c0576ae4d569c12c799a93

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ Frame 1686 47 KB
14 KB 71ms
41ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 686211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13696
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-bb47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1JnkzStPsyVzeEXoAE3btPrA5ZjdxHzR1GXyKiFl085OiHnA3h3zvOoKsBusgDmCQ%2F9bESY2nK6D2kNJ%2B27dtD7hnluVYbdQB478nduJqz4n0cId%2BSfxBEGQIbaYZhb6vOKRFHZdftM3w8HeN%2Fbv3NP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f19d46eff167138-YUL
expires: Wed, 15 Mar 2023 18:50:01 GMT

GET
H2 200 hmac-sha256.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ Frame 1686 301 B
942 B 52ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/hmac-sha256.min.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d46bac93ca7d097d358fcb1e7c8614882ee006802bc97efe614514de220ebedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9163494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 176
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-12d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70%2FedNZWeuk5O4jAWami1pWX3EkCSy1SkgnpAEuzsIoe7pmRSPt55l4AoJ5%2B0ugWzLF48apPoRObdnOZ4%2B%2BXyOIlgXeXNopKXfLBT8l0IiKUHogZ4hLiqdB3Daz4IKdPDU4wdqin9VF4cXVlsiggoAw6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f19d46eff1b7138-YUL
expires: Wed, 15 Mar 2023 18:50:01 GMT

GET
H2 200 enc-base64.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ Frame 1686 1 KB
922 B 64ms
35ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/enc-base64.min.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed29ffd58d49d6e9f168faa18cd3f2e6a4caaaff5cdaba1c62c7c2ce093010e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 169450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 602
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-44b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwXVBjZRzvZ0rf%2FQRfn5Rh3nXLqS4nJpNITyhLWAYcB9HJcLHPf1MUffgtXuDi2agZeOr0r%2FJdMnes9pXP4AzwrH%2BUmZsJ01BQ%2Fp%2B1nZiuY8FsQkH5EUf4kH6o7WJ2nTBMBcBsk2OE6FQO8YbwLLoda%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f19d46eff177138-YUL
expires: Wed, 15 Mar 2023 18:50:01 GMT

GET
H2 200 styles.8882e638e0870cae9938.css
ifupperclub.cibcfcibmiles.com/ Frame 1686 680 KB
112 KB 75ms
74ms Stylesheet
text/css 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/styles.8882e638e0870cae9938.css

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2eefd24dbb705cb3290d2968473d7e4dbad88a658aa643ad94688418a29be8b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce9-a9f96"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: text/css
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: ZCF8yNuctECZK1CqkyHlCEVhEgJljlOJAS5ys64HaTXiF1g0TXRBIg==

GET
H2 200 runtime.6f0645e6fab6ff817ceb.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 4 KB
4 KB 29ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

475bdc2a748b0813719b33eb2a726e1b026e154940fc43e0cee4ff44d4b1a117

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce9-102d"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: V_lQBBoewKUrUvlefep73jofthHE6h3FIxRMrztDKvniBZ9AniqxTw==

GET
H2 200 polyfills.24fb99b5a33d2fa83ae8.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 44 KB
19 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/polyfills.24fb99b5a33d2fa83ae8.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7bda3f26d0e6f14386e84a357f52188862b4f68e697f97f7cab2fe12d8226b08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce9-afd1"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 2-oDPVDtCvNBqsboJoV3SGqLwGZXWJKxS_z8vfuXUaNwVwdL1C_bmA==

GET
H2 200 scripts.a2e5d3b594ca53fc668d.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 182 KB
69 KB 34ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/scripts.a2e5d3b594ca53fc668d.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

300b6228b363e19b9968505ca8b6236f279e968999817b76f84786627848cfd3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce9-2d715"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: JUScWuU8_uET0cIFA1p2cOigS_FhWxA6UOCLDiRok-MYw-AHMBAqHg==

GET
H2 200 cordova.63b449c962532a113eb6.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 16 KB
8 KB 41ms
39ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

43572879bb2f357fdc923f1b3da191effd738724e03658ecb8a26e44f26920e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce9-3ec3"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: C_eRnqxbyt70g9Gb-jNN6l9xIzU1GUqD7s0g_kfyU3Qag8a4qPSngA==

GET
H2 200 main.c569e7d51c8ac802eeb9.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 4 MB
1 MB 49ms
47ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/main.c569e7d51c8ac802eeb9.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

70659f0da7834c49e51842f93f7f2352a8ca9aaee9638ddd4fce2beceef88853

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce9-3dfa48"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: CitRfjOHkA9ttwu_cvzBH-q6tdoz4McrpYshIZZuBElCyKCC9osRlA==

GET
H2 200 cordova_plugins.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 23 KB
5 KB 284ms
283ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/cordova_plugins.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

cd682dfda08ff60cb63ec08fc2e59a9d266177c25cfbe7b53400c5febbc22399

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:34:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba3530-5c0c"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: CRiO0OIHQL57_1i8EtVI_gbM0oc1ZbMceOJWvZlLvhiZpU9zq8poPw==

GET
H2 200 cdv-plugin-card-io.js Show response
ifupperclub.cibcfcibmiles.com/plugins/card.io.cordova.mobilesdk/www/ Frame 1686 2 KB
3 KB 56ms
55ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/card.io.cordova.mobilesdk/www/cdv-plugin-card-io.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c6f62b46bcaa544a9c14dd6c8e8455566764b5d2755c5f51f2c0f3b719850353

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-874"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: SIkHR1xaLaTXwrDYXfOKMpz8K_voCTN0y_XqVWZFSerpiOIC2IyeKw==

GET
H2 200 Base64.js Show response
ifupperclub.cibcfcibmiles.com/plugins/com-badrit-base64/www/ Frame 1686 995 B
3 KB 54ms
52ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/com-badrit-base64/www/Base64.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2f0d9d561361ce8ddaa7bb093ccad9f040d91e955e45138988cbcdc0a04b4c28

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-3e3"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: cdIAkpMlORKu9iSHaeo_sKJQzjWg1yt5v8WRjGc3d8W1efkNR1qiAg==

GET
H2 200 startApp.js Show response
ifupperclub.cibcfcibmiles.com/plugins/com.lampa.startapp/www/ Frame 1686 3 KB
3 KB 53ms
51ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/com.lampa.startapp/www/startApp.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ed873b82fd306f99d20e8428cf44a26943dbe2b3037d04b23fba4188a4564975

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-b87"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: Ujd2F2DH8tIhZPFfbQXT7G5bQUcOh0OC71PUZ3gfoGXeittyWszGeg==

GET
H2 200 UpperPlugins.js Show response
ifupperclub.cibcfcibmiles.com/plugins/com.upperclub.upperplugins/www/ Frame 1686 2 KB
3 KB 27ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/com.upperclub.upperplugins/www/UpperPlugins.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0ea889eead3d7a70549f2958199a55540521b7c06c3a0e8affebc7cb487fc92a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-61e"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: v1qWu72FJWitFQP-gEh7lSdbF6FS2-fkzlNRkH0fWUIWNVfks0U9XQ==

GET
H2 200 clipboard.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-clipboard/www/ Frame 1686 1 KB
3 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-clipboard/www/clipboard.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

07a0604f32bc9424f9f0e6c1eb9b828bb6f20f5f8cdba2737e5162fe3d7b1f36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-567"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: pX6nF7Nv5iLYRD9jyUqQeLPrs5vGoAgOnUXOrEPNHQEzLPbdEyRHGw==

GET
H2 200 device.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-device/www/ Frame 1686 3 KB
4 KB 109ms
109ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-device/www/device.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

6de54d4b47310ba00a978e489d3d2c35ec008e7225025863ae0355ace2d84d7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-bfe"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: QW4SVjG10jeDUANPcEJPu0k8HdOVJYksuQ8dgaFyY2pKzZxxouSOPQ==

GET
H2 200 DeviceProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-device/src/browser/ Frame 1686 3 KB
3 KB 32ms
31ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-device/src/browser/DeviceProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

d666dc9812b32f9c55da31c41d00900181091bb3e2a9e774410b54aced305618

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-b4a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: PTry45eNvr6ZXt77HtuCUvN2r-MuWKwYjeuwGOqey7TAYuqfqftNzQ==

GET
H2 200 launchreview.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-launch-review/www/ Frame 1686 3 KB
4 KB 66ms
65ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-launch-review/www/launchreview.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2190bea6a046d0c3ff41efd7ac3c48a511ec2190153b74f6e8361b29a4975d26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-b76"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: TW3Wgmyd-YCwjmkX1ugUMkFG1Vv8fBuxnMrDjwa6NJXZDd7kaz8fOQ==

GET
H2 200 DirectoryEntry.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 5 KB
4 KB 34ms
33ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/DirectoryEntry.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0e2e8da6bd0fab4d58ce1df87ede31c7d41081fae677b685cebdfc65639d383f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1249"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: hcGvlBEaFxVQzrSwailIa-KI9x-5rSRmNuLCJAJ9I8CtlM3UCzb0yQ==

GET
H2 200 DirectoryReader.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 3 KB
3 KB 37ms
36ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/DirectoryReader.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

88dedbfdaabe18a38af2216c415b81378e7221087bfb2e1fc173607698a10d6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-aa4"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: J4tRU3SkIJRLUrYcYryxXnK1CyePH3ZxgsKFCMyYaeD6uj6ymqRv0w==

GET
H2 200 Entry.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 10 KB
5 KB 51ms
50ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/Entry.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8a29f8dffd208fcef7e89a651aa1fb74ade7123ca1eee4c22c21f453ec56b7f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-268d"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: nQTnbkg6FvVoOyjYU1tPiiExRmwEHjMmA0L1cyAJXA9ZUX5wL9hb_g==

GET
H2 200 File.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 3 KB
3 KB 33ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/File.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

137880b5c04cec30d233189acecbae700caa764b784f670ef1bd04424b59072f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-a9a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: N8ehmCEziBfvDKFYhLvbp82o5st6krGSPVr15nUcig5uosPwuyXRNw==

GET
H2 200 FileEntry.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 3 KB
4 KB 26ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/FileEntry.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

d6d8dd97023ed0f4b88db2cb3cfad8562c9c8aff1611e9b505609eb2bd1e570e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-d5f"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: uAafskMdjfHFpt7zajRTT_Nnl7rV550z0KWDrQ4TgumFOLxoH7AytA==

GET
H2 200 FileError.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 1 KB
3 KB 29ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/FileError.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8f08bf357c6e471b03c0ee03976e75c51e0b24f7982bdd7b58b393e89d648712

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-5cb"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: feNKrWwV_xB3QYkFxYzJjkuaYQBbstPMRng1EBB8pPPGKyFlwSXUfg==

GET
H2 200 FileReader.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 10 KB
6 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/FileReader.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f78264f3edd1037b0e3ae430daacc77ce2b93bf91c52cc488ddb43b162dbe82d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-291b"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: wz2NN9VXSXa3Wa_jjsCVZkv2jPfuaWnyCHrOtakglaX6P-0Nk8-0Fw==

GET
H2 200 FileSystem.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 2 KB
3 KB 33ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/FileSystem.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8d7ec26db4b39364ccefef83632cd92c628dc823839c150066e37852848e0fc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-7a8"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: nUQZNxrLNi_1-0wcat4NXE8wxxuFmNe2zCoG0X3l5amqrIsUy90jpg==

GET
H2 200 FileUploadOptions.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 2 KB
3 KB 39ms
39ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/FileUploadOptions.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5ac3989ee52d37bc16fed40078935b00aaa0473e8c5b690e647e18ecdac49920

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-727"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: n7CXkiIQSCw_toMx7baeOtUpFG7gyx0W7aLIAauM-d9Z2S-XtSp8rg==

GET
H2 200 FileUploadResult.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 1 KB
3 KB 31ms
30ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/FileUploadResult.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

d6312a87831d569843b9c471a6a5125a45c383e513bc93637b86c428ccaaa1ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-457"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: yMf-HIFQp0CHMGjjZHbYVi2fghkV83MbIrkPANcgqPTKXdoE6Wgu1g==

GET
H2 200 FileWriter.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 10 KB
5 KB 26ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/FileWriter.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ca3d630a45c054180866155375b5ba7cfb4ca703797235444506807bd56305d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-295a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: rFoss9gQDwd6TZU_AtInVXj3VnZjGHzhLNIrxI_APdfqFRJvbtjLYg==

GET
H2 200 Flags.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 1 KB
3 KB 68ms
68ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/Flags.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

45cb6dceaef639f01af719a200c43791364432b9815649374e614ab79da4eb67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-538"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: CJI9zRl4WptrYG2-h9qJkiLqZY3W1hhln6sxfyrvefXyZ_Ca73dsMw==

GET
H2 200 LocalFileSystem.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 957 B
3 KB 59ms
58ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/LocalFileSystem.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

05a3eae5487356555f1ed167567a9d9332b292ff96a49db7ee7f9454754e0c7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-3bd"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: bz9ea51OpDsgL-5za1s4R55uqnoIZp7Rbu6TOb_1nyZCNMdjaHZK5Q==

GET
H2 200 Metadata.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 1 KB
3 KB 51ms
50ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/Metadata.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

acaf08d93d1f9689d82b7850101420bcea1919a4d314058c3b52762d8b43c212

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-5d0"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: zZTZvDDlpcoYuKUaFwKMf9oAbb3sWFW5v-LdtC1WboZaRWHJU88TOw==

GET
H2 200 ProgressEvent.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 2 KB
3 KB 32ms
30ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ProgressEvent.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7d3fdc727d4e08b6ddccfa053f73e5e6719987a2317d0e85259e6f24a79c9cc8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-9f0"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: mLZjis7yfeQ25iJilRQGRLYfrivDCMVlnpX3UNxMnSzLQuyyunRZ-Q==

GET
H2 200 fileSystems.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 1 KB
3 KB 42ms
40ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/fileSystems.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f7608f06056eaf0ba34e2bb129d065c4fb4f084cc9b7632a34be39430264c461

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-417"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: LxadTJOV9IC3qT9KuXc0J00jtio3eRuJZdoWGNk4r2TANzDDjebTjw==

GET
H2 200 requestFileSystem.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 3 KB
4 KB 32ms
30ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/requestFileSystem.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

09aa91987c90c63c8a22e93e8b4c7887d9d93fe8eb9676724309673f83a3f2ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-cac"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: XEZpZkqrRXeyM3ZsQRtt83GhhvaBC8IK201zIP-crd40_kyFgv0b-A==

GET
H2 200 resolveLocalFileSystemURI.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 4 KB
4 KB 31ms
30ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/resolveLocalFileSystemURI.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

842752d0eeb04509a57f044d4bf65126cd5d43c5d39f0a9112b22c8cbf02c038

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-10e5"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: y2GaLQm6SSjvbqk0vf4iuygFUu-LxnmXNPwgPWDAO3FvI8t002q0Wg==

GET
H2 200 isChrome.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/browser/ Frame 1686 1 KB
3 KB 29ms
28ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/browser/isChrome.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

52ced8c517321c5a3b0789a979c5010495c663b0094c74726469351c76b8a272

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-4b6"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: kbDVx3GZI2Tb45KFwp7L0yop6GHD-Eao8YrnZqQ2OizPX0NpyKl7gA==

GET
H2 200 Preparing.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/browser/ Frame 1686 8 KB
5 KB 30ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/browser/Preparing.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ebf7717e137ee7d2d27480320336e53cd7b6a8d605a61857f0ca470e00b582df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1f5b"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: pJD0zSrchE4ZapHWOR16DZ8YePfW3WgN9BSAM6vdQH8F6EfK2jk1Fg==

GET
H2 200 FileProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/src/browser/ Frame 1686 43 KB
13 KB 86ms
85ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/src/browser/FileProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

eedf3bfe9631158937a8c728d31a8a8221564450ce6a033be3555a7c21719b26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-ab5a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: sSlJbVsLIU-GcuFf4RMArsD_fUbqEa-C3aF15206tFQAb3jjCAF2Mg==

GET
H2 200 fileSystemPaths.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/ Frame 1686 2 KB
3 KB 31ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/fileSystemPaths.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

3e7916504fe5c2751ee680f76818b98dfa2add8c3a5a1d9e82d7bdd970cafed7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-9f4"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: NnHC5id575q7qTpRGgxCgod7-wbswuA7t-V7X-s4fozkU-h_VGBbnA==

GET
H2 200 FileSystem.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/browser/ Frame 1686 1 KB
3 KB 31ms
30ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-file/www/browser/FileSystem.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2ff77d5ad1a7b7466bb8dec1981f2e6c5fb42b12711ae75282a9a8923563a8a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-4b9"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: s8Zd809BBuDt77TdB1zDkN4E0TFTf0tiIzCxbGF8jL6D0B2XDt_OTw==

GET
H2 200 cookie-handler.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 2 KB
3 KB 51ms
49ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/cookie-handler.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

cebe5614902d18b2eaebfa3e7dd08b4166e4e1ba67864df3c36483f24868a6cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-79f"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: rW3CV7ZvaTi_u844UbR7TjT7TVVuuZIm0nZyhSWwkugvi8T_GHkETw==

GET
H2 200 dependency-validator.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 1 KB
3 KB 51ms
50ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/dependency-validator.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9d7d4c0bbd38696d78c18087fa29492d50076ef8ea5811cc4193fceb076b8625

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-51f"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: q7WNC4ApQTPzhNeEhW-xO2CCl3rP5rSb0SBFBqvjdpiaXdAthfoe-w==

GET
H2 200 error-codes.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 272 B
2 KB 34ms
33ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/error-codes.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

33d484a7b8497b0ce14268931395c7e7bbf444c3e2d70a66a7fc2a6769e621d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-110"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: ZhwrxSZvgXK20gYRnhOCW7tXs2-AzN5jA_2rxRnJEUvXTf_CLrneCg==

GET
H2 200 global-configs.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 246 B
2 KB 26ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/global-configs.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

069dbc2133c191ca672c67bd67e9c787f58645acd33d79800efba5d3f8fecc10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-f6"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: QQZuxyaaekDckidOZ3ZXqQSPG9RN03hWaTH3u0ix0eLF7Tj6puyvJw==

GET
H2 200 helpers.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 15 KB
7 KB 39ms
39ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/helpers.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e542ac60e7cddf286a6d1abdd3f229fc7a38e214cee01810c3a62fa71ca7e372

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-3d01"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: zQ4-u4T9CAipJ2D0gHsfgvgENRSGL0Snm4OOzKzXwcPMgwO8os_knw==

GET
H2 200 js-util.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 924 B
3 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/js-util.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

a52f98d258bd8edf9f7804a1aebb7fac868b302bb32aa4f4ec934dfc37742c71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-39c"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: n8uKIV3Q-9Gu0WJXChwDO0ru_LZcr_550eeNcTpCt-aOuR_FHfDlZQ==

GET
H2 200 local-storage-store.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 5 KB
4 KB 26ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/local-storage-store.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

928120b01fdd2f93a345f1fa8d80ae7f6e284f1a50356e0d04ef5a716ed9ad5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-14a4"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: qirLysWPLDqOLaoD11dHSHU1UNzQV0vuNYLJdMygkos0U5hMSr74cg==

GET
H2 200 lodash.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 8 KB
6 KB 51ms
50ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/lodash.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

af79d1edf85558a1e4df4c8e059fac64e79ac065310c976c5c632e612932c81b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-204f"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: vXVI1GZsumoORwq9uAiA9THqu7p0-oL2TxRjSOpcDLcQQ2D6QI4Y4g==

GET
H2 200 messages.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 5 KB
4 KB 29ms
28ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/messages.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

20b472bbb66c1e1bc5b999da4672a763aba2c0927331db15d7f747f7eaa3ab53

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-123b"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: iS7Hdkbs2G5Dprb0Hqs0VB_Rv5a2FB1GzkYTbzX-dIfbu8LC1CPsEQ==

GET
H2 200 ponyfills.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 1 KB
3 KB 41ms
40ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ponyfills.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

bb1786084b9f9a13981f0cb84a37def2537bcc66542dd335c54669ff5efe8015

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-4eb"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 9uAH-QSIMXlv2rfpohImVA7FnTDb8xRUPdMXuHSNYV71Zhf3OwIJDA==

GET
H2 200 public-interface.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 7 KB
4 KB 39ms
38ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/public-interface.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e9e61d12e8e162c61bdcd767ffaa02912ca9706d6058f5db6dd6e52eb11fc177

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1cb2"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: Wby5Kz2czNG8TinBB4G77xxPOESVkAN5UYgtcWvffu67r5NQTGBAKw==

GET
H2 200 umd-tough-cookie.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 264 KB
93 KB 33ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/umd-tough-cookie.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

cb8d6b9122706f26f20c5c779de0981c1e3cdc8335f42360ff83da82463745a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-420e1"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 5sTBb9xaVQa5-kqxYy2SxJFV2udet7Nq6vMrBzaI_fpQpwGNR1RHyQ==

GET
H2 200 url-util.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 3 KB
3 KB 40ms
39ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/url-util.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0dff1ef8bd872c8f16fb0a22b68333ae2d72bc9bf0bb55275c589c1ac07dd221

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-af3"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: YTyNV29mSrOt3GcxofnvHiEo-R_NqOF9YlITKHHcUOP9KzNnRs78Rg==

GET
H2 200 advanced-http.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/ Frame 1686 1 KB
3 KB 35ms
34ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/www/advanced-http.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7aa9c3845000675fe8cde92c565bd7bc7de7e3e811219b11780fe5c53c99f288

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-55b"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: Esr_lAUUquGbUxhr5SjTQwS7IhoyCDGoJmx8Owkfc_cRgpCpKaacwg==

GET
H2 200 cordova-http-plugin.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/src/browser/ Frame 1686 7 KB
4 KB 26ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-advanced-http/src/browser/cordova-http-plugin.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c98b190beb8457b2c6389e9a89e33213f40dc0c542f9eae02d2b648632036bd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1d4e"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 9IJxYfko5HTBEoCg8zZH8gEotsFIaWv0YcaZ09MhYhmRhCCgXMpjQg==

GET
H2 200 AppVersionPlugin.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-app-version/www/ Frame 1686 2 KB
3 KB 35ms
33ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-app-version/www/AppVersionPlugin.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

41f28964d48bdf98e3c73d7746dc31f278eee23a218d7ea3dc427738f1b30e00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-8e4"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: sJhCvPa5npagXG_BoiopNZHu4hHpPFj-ODn8MZ5jPSnxxHG3R74CPA==

GET
H2 200 audioInputCapture.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-audioinput/www/ Frame 1686 18 KB
7 KB 36ms
34ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-audioinput/www/audioInputCapture.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

56c73808d2932a6dae12c40b268d07ffd7711a9e24087771e25e86c55b27f813

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-4835"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: S7QsqGLCJcIMnH3_GGufkLZnpfj2P8QrQJSP4c2q2jtDk5o3ngWHEA==

GET
H2 200 AudioInputCaptureProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-audioinput/src/browser/ Frame 1686 13 KB
6 KB 36ms
35ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-audioinput/src/browser/AudioInputCaptureProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

24787c269284ba9992d91ee0c0d472f56b479e3c28bb7066fa31ae3808b706a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-329f"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: jRf2T803VOoG_esmX2ETU2xXDZWMg2ZFqoMZSftru76uqhmaqilApQ==

GET
H2 200 audiotoggle.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-audiotoggle/www/ Frame 1686 371 B
2 KB 26ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-audiotoggle/www/audiotoggle.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

a754c38de76628e49d2fda802371cd28e4ce1c8fb568d7b8947c34897d9fe033

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-173"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: qtRr7FJuwTDeGm6iufa0F7scdlw1zHFOYBbFYcwvZMjEXTcNFq5-ZA==

GET
H2 200 background-mode.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-background-mode/www/ Frame 1686 10 KB
5 KB 30ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-background-mode/www/background-mode.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

d0f436537f407e1e00dcb9f118fe1027611dfd0c75319f9d654807c5009ef6b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-28b5"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: K3iLFARbnCq3KBIlYChhmPMPv6WQHOyjTu1BM1o8qtCCqe-EzUNpPw==

GET
H2 200 BackgroundModeProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-background-mode/src/browser/ Frame 1686 2 KB
3 KB 26ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-background-mode/src/browser/BackgroundModeProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ce42b2dc395d719e610566929c94f3d8b6b189a543c0f41dae490c522d466495

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-681"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 3oG6jQJSI-OoJyN28EFBsOmgbSUDo-ZngadN4eHhoePiSj8x0vlphw==

GET
H2 200 badge.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-badge/www/ Frame 1686 8 KB
5 KB 44ms
44ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-badge/www/badge.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

d957228eada1441819abef69178d8f411878e29601f08455c08aff2ae255b933

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1fd8"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: jOPUowIuyBrRfSlotRtoUXNVqK1ogiXCrlmJqZa1X0n1_T-7GKsKdg==

GET
H2 200 favico.min.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-badge/src/browser/ Frame 1686 9 KB
5 KB 40ms
39ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-badge/src/browser/favico.min.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

541240ff3f6a5bc8cf3469f609d35799d702171e0046953d696b3ff0f4251226

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-23a7"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: aUydc8citw5OHUWSkTGfyiBeZ-FL39Q56dnm4mZA7Irqw9N8tMcp_w==

GET
H2 200 BadgeProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-badge/src/browser/ Frame 1686 3 KB
3 KB 39ms
38ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-badge/src/browser/BadgeProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9a18ceb0979858ba96a839b32359c3febdf1c2fc029424128215a5ab87815c79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-c11"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 0Vc4S9pIFF_1K-PbP9Akfmrh5GhYxdLXYgqpPVSnuZ0iaNfDjasHeA==

GET
H2 200 CameraConstants.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-camera/www/ Frame 1686 3 KB
4 KB 36ms
36ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-camera/www/CameraConstants.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

55870130e781a2c5b59de90cb1ea4f8b8a72ec858cb519299cc1b2cc31e5795c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-da0"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: oD2oUdB0BfluqEbzUj4yt3lsEwFZWhiK2huzUMXUjlYKwv8AAFrWvA==

GET
H2 200 CameraPopoverOptions.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-camera/www/ Frame 1686 3 KB
3 KB 29ms
28ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-camera/www/CameraPopoverOptions.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1fc7a85d391d66fc42b1fe43f5677728ffc14d8b54cb0df2e7acc380ac04a50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-a50"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: fEinJuNSWMRDNEdBb7_wovSwdjMw4jp-jZGum5Aiq1qLd5vJwRvtfw==

GET
H2 200 Camera.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-camera/www/ Frame 1686 8 KB
5 KB 33ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-camera/www/Camera.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9eabecbc19d18bd61f207221bbae796d0c4b6c3ee60903f1e73e36ff8c4d815c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1f3b"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 24YRJKTlD8Qov2spFWv8roVeDng_5UYNNogL42U-fbCaeRLENStXCw==

GET
H2 200 CameraProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-camera/src/browser/ Frame 1686 4 KB
4 KB 49ms
48ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-camera/src/browser/CameraProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e46add2a8e15df2649702a4dc1f56b756cd2247cb747061586f0b7d147eeb711

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-113a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 8BJ23M9YpD3ZaZq_gmuMhOPoGsAH-rJHhRenvjQF5_RWK2AwwP1n8A==

GET
H2 200 FirebaseAnalytics.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-firebase-analytics/www/ Frame 1686 2 KB
3 KB 27ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-firebase-analytics/www/FirebaseAnalytics.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e2ca91f4d52b0f418a86dd7eb21d63ae374450315ec1797f46f3191532d5710b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-7c7"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: Smk0hMdV0IHN8rJqD_MfrY8PcXctCnGxz_IVGNTJIbgikzoGuKsNEQ==

GET
H2 200 FirebaseMessaging.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-firebase-messaging/www/ Frame 1686 3 KB
3 KB 42ms
41ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-firebase-messaging/www/FirebaseMessaging.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7ce7cdeae1239195a310df99a813831a57a122e1e61dd85fa27d16443322c706

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-c2b"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: tXwUGNjrZDcHiReGVvt81cL66nGi4HZTnT3AXQK7JrqtISTz_tVWQQ==

GET
H2 200 GlobalizationError.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-globalization/www/ Frame 1686 1 KB
3 KB 30ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-globalization/www/GlobalizationError.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

afe726a79bc1ce2e76061ac479595bdeee63be992e5895c79388b7237c5aacdc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-54a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 3WBvKCJfZQ5-NRO2DQ4GiF34-6A21SgrN7L6aeJNeLqbDIKYLM04Bg==

GET
H2 200 globalization.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-globalization/www/ Frame 1686 18 KB
6 KB 37ms
36ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-globalization/www/globalization.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

092ce7755eed832fb7b444c41938b67f2d3e3241d88f87c619a93c4cdf333cab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-46a5"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 7ermVIlIiNTi5TSR_eLJRToDQm4wCHk4rYhYF5teffrQJr2ZjhgZ7g==

GET
H2 200 moment.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-globalization/www/browser/ Frame 1686 129 KB
41 KB 29ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-globalization/www/browser/moment.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

3ccf14a5c56cae85e105a52ac31df39265f92751c411de981ba9129c15f8ab3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-20237"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: szzJWM3T9b81iTFrwb80RW35yQzCRElMmlkUH3MIibcJg5PERQNbng==

GET
H2 200 GlobalizationProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-globalization/src/browser/ Frame 1686 10 KB
5 KB 50ms
50ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-globalization/src/browser/GlobalizationProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ab469a116b01bad030834876654b68134de9ab86443fdd28c24c44c6302e8deb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-2994"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: JHWksdERGkfi95hFQ0XfZWbYzv1soK6-30AzSWm95PQkzCdkkJ4lrA==

GET
H2 200 util.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-ionic-webview/src/www/ Frame 1686 968 B
3 KB 26ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-ionic-webview/src/www/util.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

6cb14f37f490f607bdfbbf2652dbdf192754a056c99519941304eaf2460ae970

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-3c8"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: GAyWe3znfRYEZqgA7_qUwDup5nnTt8svgXsDgpOEjH_wHhQSjnclnw==

GET
H2 200 keychain.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-ios-keychain/www/ Frame 1686 2 KB
3 KB 29ms
28ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-ios-keychain/www/keychain.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

be593468093816b5b692d4f5d58d5a05939540affedd01069fc869bfb1d43e63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-8b2"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: jX5ztul47izCF3xclKed2SWEreVYaSmWfbbEb45yJ4AmJqKh6oW9VQ==

GET
H2 200 touchid.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-keychain-touch-id/www/ Frame 1686 1 KB
3 KB 27ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-keychain-touch-id/www/touchid.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

df233c3ff16a3ba7841f3577f2cafa390a5a8c3f6b3d05e2dc527bf9b04de922

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-413"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: OBgFjyDPCbpAPSGTXerJBs97VrsNa7TmLwktDEy7hjWUdoIpTTfg-Q==

GET
H2 200 local-notification.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-local-notification/www/ Frame 1686 9 KB
4 KB 32ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-local-notification/www/local-notification.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

b7db7de0e673fb6f20363c2848c3ea1455f0c9a7160d47077f6c31278691fb0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-23f0"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: a9sPwSSC2PWbOYXqS1hPrB2ITamdEY8ufftF-H-qO5t5pEA38RrIhQ==

GET
H2 200 local-notification-core.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-local-notification/www/ Frame 1686 11 KB
5 KB 26ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-local-notification/www/local-notification-core.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ec21b5b94069d2c27b12c222a373169c40d647125cd7d5b391ea1dc7e568f987

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-2cbf"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: fCZUtRnT47VJoBpEIb0v40Dh3CJgUAY8dsYeChWzO94uDr0TR4v3Yw==

GET
H2 200 local-notification-util.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-local-notification/www/ Frame 1686 14 KB
7 KB 26ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-local-notification/www/local-notification-util.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f551d38fff74f5f1b2c1df851828059a2ec113a52c2017cdaebee5ee93140ad2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-399c"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: hx6xbwbcb9PWMQWrxCjs9wzkgMnmPMJhxQN3bIacoHIxs1-jkfiPtQ==

GET
H2 200 nativeaudio-browser.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-nativeaudio/www/ Frame 1686 2 KB
3 KB 29ms
28ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-nativeaudio/www/nativeaudio-browser.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

05bf48804eb1bf4da9484e4ed401b617328f4e554189dd42696b8f80f6aa1553

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-7fe"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: BNOfnlWWJ7NzCU2GdXMb6skFn7TlKJqZoX40ee-a5-MtC_eUWJXM1Q==

GET
H2 200 SplashScreenProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-splashscreen/src/browser/ Frame 1686 6 KB
4 KB 26ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-splashscreen/src/browser/SplashScreenProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

84553e16190e8f6643dfa76c6d03354fd05d07bc287ff3de112ad8e752465d62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1893"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: FjT4KdV5R1J7pCoSBreX3AAbzopNSlRhX553xaJeJzX2GfPzPAi6cg==

GET
H2 200 splashscreen.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-splashscreen/www/ Frame 1686 1 KB
3 KB 30ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-splashscreen/www/splashscreen.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

238b2ab94714de5dc29e90a2a270a6f67d0ed95ee56013ac1ba3b8433efb578e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-499"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 4BPBe5ZRkon2_CJZQqWdLxUkrQ2cFLtAgIpE3rWuZEE4TR7FR0AJkA==

GET
H2 200 SSLCertificateChecker.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-sslcertificatechecker/www/ Frame 1686 2 KB
3 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-sslcertificatechecker/www/SSLCertificateChecker.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

af22d65d0289d954f8147aa1eafe8378218244a31dff9edd6559c8009fe151e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-996"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: ZyA5MlIM1fkKAHFRsSCAY_b_PWYeZBszPU3VPgihRoDFsdG2kL0wsA==

GET
H2 200 statusbar.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-statusbar/www/ Frame 1686 3 KB
4 KB 29ms
28ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-statusbar/www/statusbar.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e75598183241f0a1663b4415f0fcc3d8d6887afa4c2261497963571946a72327

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-da1"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: e0bbTC-Nq3aOc_3-K_RnY0pnAiChiEfym2BGz6SPgqMHsjKHgPHx8w==

GET
H2 200 StatusBarProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-statusbar/src/browser/ Frame 1686 2 KB
3 KB 30ms
30ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-statusbar/src/browser/StatusBarProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

395ec15d1f7fcafa7a2b39c6376edfafeccd65be3b11071a76ae202c4f9ac055

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-737"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: WL_CYQMY0KGDBqejRbJJvvDSlNL0dum3b4xZA5wezMlq_8b2rWEWxQ==

GET
H2 200 imagepicker.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-telerik-imagepicker/www/ Frame 1686 3 KB
3 KB 26ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-telerik-imagepicker/www/imagepicker.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9bfa134df1fbfaa4d894c98022c88e025226e1e10974921182b815f20e3f7aa4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-b03"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: HQ2KygOTHWT8zWnvZisx_m8H-EcSXiHoOVoFDpRSgPtyONHP9cKWRg==

GET
H2 200 isChrome.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-telerik-imagepicker/www/browser/ Frame 1686 1 KB
3 KB 25ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-telerik-imagepicker/www/browser/isChrome.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1067aab41e2305267982554fe43696400b90373e94d669a413441acc93787965

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-4c5"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: W1kEgH6KAJneqkuK1tWwgIc_moFmBGIc6cg-5dTpdZkiPZ9wcLiqFQ==

GET
H2 200 ImagePicker.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-telerik-imagepicker/src/browser/ Frame 1686 8 KB
5 KB 34ms
33ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-telerik-imagepicker/src/browser/ImagePicker.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2243a42b6915dade9c9c5ea24f60a26d38780ebb5fa57993279b0f5f8b6303a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1eef"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 828ac1s1QR_V-mW8f4kgLOqAWQLZvlww2nnyb86vcPWGiv5buxlNyg==

GET
H2 200 Vibration.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-vibration/src/browser/ Frame 1686 1 KB
3 KB 27ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-vibration/src/browser/Vibration.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f61d9ed801ce151eeea72a2141a3006e85770dbe8cba07f96b886b1b724b1a78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-443"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: _mjRfx5rZBFRutXiB5-2iQtXwUXbzMIF5VHXMux2jdN_eIhLSodD5A==

GET
H2 200 vibration.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-vibration/www/ Frame 1686 4 KB
3 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-vibration/www/vibration.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9af93c6b72fcc45deb6ea4919f4b2d1a9245cd994b49195ae141460765f9e5f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-e26"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: v0jWueDaALx6L5AepPqOzfVJlHAPrCu8SWQExzg8ttz9xi0XrFx7WQ==

GET
H2 200 Toast.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-x-toast/www/ Frame 1686 3 KB
3 KB 25ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-plugin-x-toast/www/Toast.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5125b25c87d3baa6e7c90c31501e2e33f4d679aa588c463f437db0fc6d694b06

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-aa7"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: W308_0mJ46K3mgaYZ_-AkHYvDsIRsNjbiAlNdbKhRFsUcvq0bEZzVg==

GET
H2 200 SQLitePlugin.js Show response
ifupperclub.cibcfcibmiles.com/plugins/cordova-sqlite-storage/www/ Frame 1686 33 KB
10 KB 29ms
28ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/cordova-sqlite-storage/www/SQLitePlugin.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

bf327a3676921093329300a1d7e98299ec9e03a0e9e38d43c76616b85575e774

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-83b9"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: lzZDyu8uQxTD6UNsPddVVwAT5pqFVVmU0DBuSDS5_2wA-AYeYHfTfw==

GET
H2 200 image_resizer.js Show response
ifupperclub.cibcfcibmiles.com/plugins/info.protonet.imageresizer/www/ Frame 1686 400 B
2 KB 29ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/info.protonet.imageresizer/www/image_resizer.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0ed39d4b0ca21aa0932c77ab089775271c66a789da6a5a28b057758360854694

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-190"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: bhWpvg5-joMwhx7JVK7Sj1b61gs4DGQ8bBKrshGQHdD9ukKXxwjgJQ==

GET
H2 200 deeplink.js Show response
ifupperclub.cibcfcibmiles.com/plugins/ionic-plugin-deeplinks/www/ Frame 1686 6 KB
5 KB 38ms
36ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/ionic-plugin-deeplinks/www/deeplink.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

aaa06c0cdca1459b305dd668d9f1625fc26c8fb83b61ce830cade8374c57fc21

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-1934"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 4cdUb550Otjstdy-VYrRMngrz9E62BAfYtNeFF19MCCVubhUAElEIg==

GET
H2 200 DeeplinkProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/ionic-plugin-deeplinks/src/browser/ Frame 1686 1 KB
3 KB 34ms
34ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/ionic-plugin-deeplinks/src/browser/DeeplinkProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f5fe44760cc7b6438ca9e9e2003b24d51169e3fca1a589c55d744d2ddda58219

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-4e3"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: TFwPzC5CU3MFQmF7Ma3xJAO_T6sIU8b3d4JwHE68rbm3t7RfKRgpew==

GET
H2 200 barcodescanner.js Show response
ifupperclub.cibcfcibmiles.com/plugins/phonegap-plugin-barcodescanner/www/ Frame 1686 5 KB
4 KB 29ms
29ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/phonegap-plugin-barcodescanner/www/barcodescanner.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ef905f3e7ddb5b981c1a4ee0a6f3f40eafcd6c66173eab29c30a46439e05f845

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-139c"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 5RpkQUwMbCcpEZ6wvJv27YZkl41aULzKtQX6ySeIfj-Bx-gqjnOpaQ==

GET
H2 200 BarcodeScannerProxy.js Show response
ifupperclub.cibcfcibmiles.com/plugins/phonegap-plugin-barcodescanner/src/browser/ Frame 1686 639 B
3 KB 27ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/plugins/phonegap-plugin-barcodescanner/src/browser/BarcodeScannerProxy.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/cordova.63b449c962532a113eb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

b7079975bee6cb715358873e976e602cfe10b47062aa0098bc706353f2aa620b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 18:32:29 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba34bd-27f"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 8RrQxmNtcVPf97q6KuWz7vlBtiLNd-fiNPpfC9pmiHgRBjZhM5q2tg==

GET
H2 200 common.6e5f19f038f75723063c.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 11 KB
6 KB 27ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/common.6e5f19f038f75723063c.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

da27d95f1aa629807d0ec540f20985d0a512cd0a3ba84dc2be99743e49392f17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce9-2b26"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: R2Dwy498rb9owIHKZ16UOJ17mNLUEqWaRiguFozYFeICJJ07EHPUIg==

GET
H2 200 29.7ae3bb4f0ba539abed57.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 45 KB
14 KB 26ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/29.7ae3bb4f0ba539abed57.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0e3ffe08081a6dd61294b46ad562bde8f183b18300b19b96507695a91986e42e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-b345"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: bcKvs6dzuaEZaZsPgA4pnWEWYnP0lG0mvBHQrKi9rUxzpETXEjQ33A==

GET
H2 200 17.f87a3613489f7aa2cace.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 14 KB
7 KB 28ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/17.f87a3613489f7aa2cace.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e68b949cc5f64e5d3e1cac128a95d15a68712fd77b74a393ba33e2c9cc6e5f7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-3999"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 1G8yfkTMjCrt_pItXS8HRurUws5Ov09PGX8p11sk0FYF-qRbns9e2w==

GET
H2 404 splash.png
ifupperclub.cibcfcibmiles.com/resources/ Frame 1686 548 B
548 B 34ms
33ms Image
text/html 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ifupperclub.cibcfcibmiles.com/resources/splash.png

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-P1
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
x-cache: Error from cloudfront
content-type: text/html
content-encoding: gzip
x-amz-cf-id: QiepXlZkGKtr_SQ6v95PzfXdHRRSB_ybBFbuZv-LmeYdMRCLc5XPnQ==

GET
H2 404 splash-iphoneX.mp4
ifupperclub.cibcfcibmiles.com/assets/ Frame 1686 548 B
873 B 28ms
27ms Media
text/html 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/assets/splash-iphoneX.mp4

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-P1
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
x-cache: Error from cloudfront
content-type: text/html
content-length: 548
x-amz-cf-id: 2jSI8Qh9iQ1C5rioHlqhnC4kONyPtBOetR-2-n7SIoN-b6znK94E7Q==

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/ 9 KB
4 KB 24ms
24ms Script
application/javascript 208.89.12.90
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/overlay.js?_v=3.50.0.1-release_5103
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 421e940d6f97605b150e72573232b2a2a00b812de0cb880fc82d681cc0027b66

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 13:20:07 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Mar 2022 19:00:02 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/ 30 KB
12 KB 48ms
48ms Script
application/javascript 208.89.12.90
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/UISuite.js?_v=3.50.0.1-release_5103
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 13:20:07 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 25 Mar 2022 19:00:02 GMT

GET
H2 200 509 Show response
accdn.lpsnmedia.net/api/account/46543114/configuration/le-campaigns/campaigns/1511710650/engagements/2367361350/revision/ 2 KB
2 KB 24ms
24ms Script
application/javascript 208.89.12.91
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/46543114/configuration/le-campaigns/campaigns/1511710650/engagements/2367361350/revision/509?v=3.0&cb=lp2367361350&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

b893957de21b1e6017131e153a6d5b9e57a63420f60e4bb36797f165623d8157

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 2
expires: Fri, 25 Mar 2022 18:50:12 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/46543114/configuration/setting/accountproperties/ 6 KB
2 KB 45ms
45ms Script
application/javascript 208.89.12.91
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/46543114/configuration/setting/accountproperties/?cb=lpCb25450x92892

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

70ad4604e3a0764828f361da61060ff73e6de845684b21a01df31f9de98b35d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 2
expires: Fri, 25 Mar 2022 18:51:00 GMT

GET
H2 200 46543114 Show response
lo.v.liveperson.net/api/js/ 111 B
854 B 87ms
87ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/46543114?sid=PvefnmDsQLuTlGu9SzYBbQ&cb=lpCb85963x81745&t=pl&ts=1648234201379&pid=5532043920&tid=9912227983&vid=k2MjU5OThjYTBjNzBhMzNi
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: eef200cc2739d58613cae77ce7b5e9fbe1f3706abfa09ea96e4f6e69a0038e3f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 1456455550 Show response
accdn.lpsnmedia.net/api/account/46543114/configuration/engagement-window/window-confs/ 4 KB
2 KB 47ms
46ms Script
application/javascript 208.89.12.91
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/46543114/configuration/engagement-window/window-confs/1456455550?cb=lpCb28277x8138

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

cc271c2e465f8695a395168535ce10d61d5c9e084d52d8ad415c1852e7101831

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 2
expires: Fri, 25 Mar 2022 18:50:13 GMT

GET
H/1.1 200
OK logo_whatsapp.png
s3.us-east-2.amazonaws.com/prodalleimages.alle2020.com/miles/ 7 KB
7 KB 48ms
47ms Image
image/png 52.219.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/prodalleimages.alle2020.com/miles/logo_whatsapp.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.101.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7734bd9d27874269f979240a162cf94effdc39ef644a712b36d56b9534f89f37

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 18:50:03 GMT
Last-Modified: Fri, 31 Jul 2020 19:52:04 GMT
Server: AmazonS3
x-amz-request-id: 88EM2E8ADHTNK8KT
ETag: "2dab1ba25f54b6352ba89c74b444d04f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7082
x-amz-id-2: 1bhDk8jraEsyaRAVv7a/L71Gc2/y2U2AlPNzdCehsMaXk/9+Dvy+OuYXU7RgphFonBgg20rR5SQ=

GET
H/1.1 200
OK logo_whatsapp.png
s3.us-east-2.amazonaws.com/prodalleimages.alle2020.com/miles/ 7 KB
7 KB 44ms
44ms Image
image/png 52.219.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/prodalleimages.alle2020.com/miles/logo_whatsapp.png
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/overlay.js?_v=3.50.0.1-release_5103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.101.97 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7734bd9d27874269f979240a162cf94effdc39ef644a712b36d56b9534f89f37

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 18:50:03 GMT
Last-Modified: Fri, 31 Jul 2020 19:52:04 GMT
Server: AmazonS3
x-amz-request-id: 88EJ83SPBC530A0N
ETag: "2dab1ba25f54b6352ba89c74b444d04f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7082
x-amz-id-2: cAFVHqOgEtn6svwcaBj4i+94fP1T+Fs3spoyyBmW/rPZjivx93VX0RTaDOkVTHIWcqJ8sl+fgH8=

GET
H2 200 46543114 Show response
lo.v.liveperson.net/api/js/ 42 B
792 B 88ms
87ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/46543114?sid=PvefnmDsQLuTlGu9SzYBbQ&cb=lpCb97461x52015&t=uc&ts=1648234202369&pid=5532043920&tid=9912227983&vid=k2MjU5OThjYTBjNzBhMzNi&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A1511710650%2C%22engId%22%3A2367361350%2C%22revision%22%3A509%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/46543114/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=cibc&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: e0ecb6c51247a6af9d6e274d834e94ec6a78b07afc978e5a2a11f6248917ae90

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 config.xml Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 1 KB
3 KB 26ms
26ms XHR
text/xml 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/config.xml

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/polyfills.24fb99b5a33d2fa83ae8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c2c9c59c0b62f22ee7916d37aae5636140a77d35aaf59eab43bffe27540e8a4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:26 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7cea-569"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: text/xml
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: RJHcxtlW_BDTdPtfwPlH6Kp9RzY5FX_VYaGWnuAW6Sddz-4LTm0IiQ==

GET
H2 200 favicon.png
ifupperclub.cibcfcibmiles.com/assets/icon/ Frame 1686 4 KB
6 KB 25ms
25ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ifupperclub.cibcfcibmiles.com/assets/icon/favicon.png

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

bec3b6e7e676acda40ba89af68c8cc2fff95cde5e5eb3290b0ffbf8b004210c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://ifupperclub.cibcfcibmiles.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 4399
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
date: Fri, 25 Mar 2022 18:50:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: image/png
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
etag: "61ba7ce8-112f"
accept-ranges: bytes
x-amz-cf-id: 8sURoF9lwLzFbSMeJ_peBjrM2zURKpwcQHNmxun7kA48_lgfyshYqQ==

GET
H2 200 2.f47d0e70f0ba73d2f93b.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 649 B
3 KB 25ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/2.f47d0e70f0ba73d2f93b.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c6e303cdbeb60c542a0650ebe70c84ecddb0e1818b59f957f8725e9ff6453f76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-289"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: Z0UzJnM_qQfRSuRyB0JxhhXhbMuSfWUbfnoDphbdaT8yMnWAp3U9DQ==

GET
H2 200 en.json Show response
ifupperclub.cibcfcibmiles.com/assets/i18n/my-rewards-cibc/ Frame 1686 50 KB
20 KB 29ms
28ms XHR
application/json 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/assets/i18n/my-rewards-cibc/en.json

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/polyfills.24fb99b5a33d2fa83ae8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5f2393c91e6ee0c9a3760d170ef38366a97c6ee44824c0a59308224c9e1a8667

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-c6a3"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/json
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: _8YmX_7uefMrAAnrLOX_4nj-kxRNiZ0r3G3hP_1byvBeGfa89JzGng==

GET
H2 200 es.json Show response
ifupperclub.cibcfcibmiles.com/assets/i18n/my-rewards-cibc/ Frame 1686 49 KB
22 KB 27ms
27ms XHR
application/json 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/assets/i18n/my-rewards-cibc/es.json

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/polyfills.24fb99b5a33d2fa83ae8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5d9fd9f183790a96ac3dd3789b5bf1e59017dadd0981092f628d82f67d8e12ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-c574"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/json
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: qYFeryVn2wiHKQZ-mE65PK7GsrfwjytUUlvgfUdFLosUcB9itcKghw==

GET
H2 200 11.d717f2beae8f829a2c39.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 32 KB
12 KB 31ms
31ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/11.d717f2beae8f829a2c39.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

493bf914cdde395596b8c5b416f7875e13c67f16d9fc88bb7afbcbf32bee1e76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-7f8d"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: MvxOV_o0G4Hkag952sFHEUHABL25lKDJFGAeuYXfppop63lfC63Czw==

GET
H2 200 12.a3b04ad316b5ebe29df7.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 12 KB
6 KB 26ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/12.a3b04ad316b5ebe29df7.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

bd7811bd8737e03992a0020029514a54a3404f257308ac65a7de0984233df00a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-2e7a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: CFviNm7SoihLvmkjLPxD4ESF8GrawU945gg1gF_H2iTVHnHNQZnbrg==

GET
H2 200 24.772fab747fef41660752.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 517 B
3 KB 31ms
31ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/24.772fab747fef41660752.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5bbbf47a5ee57bfd0d6bd93062ad070dbf72896d5ec51a8fa080d77f10adedc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-205"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: HwSRvqPg0JXAQYTgsnKBBgQ8ENVVh7l-m4UE8xV3XkxhpiKFO4WG6w==

GET
H2 200 13.037417bf0771740c9e1c.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 22 KB
10 KB 27ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/13.037417bf0771740c9e1c.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

86b225e580c747d4a4a7b2df712c7af0e531259af4843ec8d8be0f5283601218

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-5803"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: aKkbS0Yri-CCNdZMSg8BhTPi3V-HWaxUzc_EWX0Q8bLsYvQpBQDXnw==

GET
H2 200 22.ec18c6c5ab6fc1872b32.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 143 KB
38 KB 35ms
33ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/22.ec18c6c5ab6fc1872b32.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

b46906ecdce3b9461ec7c6d45317a0cc56346ba386425d3247b8899a32caa24d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-23b4d"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: yrOGEyyEoNV9eAbp0PmVVWummRn67wzqiizlWj4N0U3v7oX6QlxvJQ==

GET
H2 200 21.3f513e532db55c58bd4c.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 5 KB
4 KB 26ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/21.3f513e532db55c58bd4c.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

68ddd085037f42a48bdae2effd1beb04dc0868447a573fe5236b23e1f3a9ecd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-1341"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 6m4_hvH5RQYvKjIg3TVRav6DhjIj0DNK4yWbSoDI99ZHwsMmU4JfKg==

GET
H2 200 20.fb9f527e5931b7f95fa6.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 1 KB
3 KB 31ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/20.fb9f527e5931b7f95fa6.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

b4e0fd246054358b3417c9da10e49410003adc532acd8f08a12017930aab7a1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-542"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: b-QQ4lda-Vx7Q6czI_LLHIk8BaSHrm-U-D_kLRprdMlI0Ppiawe-bw==

GET
H2 200 23.fc04b25f2cd4bf86ddf2.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 4 KB
4 KB 32ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/23.fc04b25f2cd4bf86ddf2.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9f9d4ecbe4e705211a747c6bf26d29e184073b067e8b5c6a96438753d0699693

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-e47"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: l8OEizbNeEqs95JpRgNTy56W3NjfnoAcmPi9e4mEMkpNdV-PNpEN1A==

GET
H2 200 18.e7c6db9aeb6a2df15006.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 10 KB
6 KB 31ms
28ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/18.e7c6db9aeb6a2df15006.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

bdd41ab1218dfd4e49a6f8e334d833e95adb61c4bf2c399e288fa5f9acfb9ddd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-28c2"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: Hnzm_Ilji7w89TafnTjxAdp5S0VweSRZZwOZCAGqcKipKQtw0gxR8A==

GET
H2 200 16.3a61867f59ae6ba24e44.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 10 KB
6 KB 28ms
26ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/16.3a61867f59ae6ba24e44.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

804c9cc533032eb2deca929999b8b1d7f5ccadc07bb99c436ea75ed3be0b86bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-27ba"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: MXhZigLEocC1zIqdxawbH1crjWmkBuRJgZl1qx_kzxmU5njXjmHiIQ==

GET
H2 200 15.767bb92be6c5b8ce9294.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 14 KB
7 KB 32ms
30ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/15.767bb92be6c5b8ce9294.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

159fa5b16070194e5003e1ec8dd6afd082efe84844469306e8c6d6ea346d0093

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-388a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: HGoAbNEZMaggqd15zpIRZ267et547CVZlRWCF4PI8kl39qhHP9CG-w==

GET
H2 200 10.c6129b94bdfcf0fb7e15.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 16 KB
9 KB 28ms
27ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/10.c6129b94bdfcf0fb7e15.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

012dfb64cd47293fcf7d693aa90712a0ca42d329dcea14f08a118b08ea91ab41

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-3faf"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: sljws8Wj_fULfCw8xWBu8-m9X_YvVFgFXO9rpdr-CMcrOXnL3LRjAw==

GET
H2 200 19.883b2afa6752a25e8551.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 13 KB
7 KB 40ms
34ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/19.883b2afa6752a25e8551.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1526634392b37b5e9aa816b244b9f9d2dcf1ed0b110389b7c79b991b74a83e3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-35c3"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: cCqBGJ4yJrSRIHYBcydtvYDi2xauWSKOr3HTn5dkITxQ3d1JhaGXHA==

GET
H2 200 14.41c1709c16bd26b1beb8.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 3 KB
4 KB 31ms
25ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/14.41c1709c16bd26b1beb8.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c3a29ef9dab1c8ba7e968ddd08cb574362b16038cb407293d5f10d5e7fa15763

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-a4a"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: d7u8hKs2aagpn9WJXAyehz9Q_PWaR0pw1iF7nvS1Lt6j6MxniMp1RA==

GET
H2 200 splash_t.png
ifupperclub.cibcfcibmiles.com/assets/ Frame 1686 130 KB
132 KB 31ms
26ms Image
image/png 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ifupperclub.cibcfcibmiles.com/assets/splash_t.png

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

0e3a16a7526271fa4ed8018a36a953a3b22f128cfd6737eff83ef3c311c62901

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
content-length: 132864
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:25 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
date: Fri, 25 Mar 2022 18:50:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: image/png
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
etag: "61ba7ce9-20700"
accept-ranges: bytes
x-amz-cf-id: 2X6j3jVSclTSfCFpiCrjeO07YCr70ZsFqq4EojTo6PW-8KIdRbH88Q==

GET
H2 200 74.ce7a4beea49fc88d1cfa.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 2 KB
3 KB 33ms
31ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/74.ce7a4beea49fc88d1cfa.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

afa6aff867d57cecba01bb1af4ea9fded46fe8e53068c39cb189fb93b0a7d0d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-828"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: ZVB2aa0qCUVpjk95V33D5SPlpoAAiaRwdU9L5NUlNKd_XDs4JJtufQ==

GET
H2 200 72.7e6ac9db444cb12e0a7b.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 496 B
3 KB 33ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/72.7e6ac9db444cb12e0a7b.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

89a7d0678a22c268d7fd83ce021f7d028d97c0a98c5343f85283ff01fec2f569

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-1f0"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: xlVbMW7xtcOWjpeXHqbza4KA6oJspvBhabaZcv6zQj61w0k21HSkAQ==

GET
H2 200 70.6e519830eff878693ed5.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 2 KB
3 KB 32ms
32ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/70.6e519830eff878693ed5.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

54e629985f44b6105c2780988194a625d5faaf0d584c21bd9f5c913dbade5ccd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-661"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: 9CbV3FoFDRaHuAxuU7xpwNkobq2ZqtORW9tnznYAq2hS4dOAbVS2NA==

GET
H2 200 25.e15c0c3dcf05254ce0b7.js Show response
ifupperclub.cibcfcibmiles.com/ Frame 1686 841 B
3 KB 33ms
31ms Script
application/javascript 52.85.61.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ifupperclub.cibcfcibmiles.com/25.e15c0c3dcf05254ce0b7.js

Requested by

Host: ifupperclub.cibcfcibmiles.com
URL: https://ifupperclub.cibcfcibmiles.com/runtime.6f0645e6fab6ff817ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-52.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

95f0160c8059187629574e1d85a563f229d517c3eb8da6db2ee05a65d476b53e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .cibcfcibmiles.com .ncbmiles.com .go2redeem.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Dec 2021 23:40:24 GMT
server: nginx
x-frame-options: ALLOW-FROM cibcfcibmiles.com *.cibcfcibmiles.com *.go2redeem.com
etag: W/"61ba7ce8-349"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains
content-type: application/javascript
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
permissions-policy: camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
content-security-policy: default-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.milesbynovae.com *.hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com *.lpsnmedia.net *.liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.comhttps://fonts.googleapis.com ; img-src 'self' data: https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://*.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://*.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://*.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' *.cibcfcibmiles.com *.ncbmiles.com *.go2redeem.com *.allegrarewards.com *.alle2020.com *.hotjar.com https://fonts.gstatic.com https://*.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com *.alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://*.hotjar.com https://*.liveperson.net https://*.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
x-amz-cf-id: aTaT-yuFs0xVHgGzC6HXABIW4m9eVMyGyA_UpzDa4RARwcoJrO7uCw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: widget.bitacora.travel
URL: https://widget.bitacora.travel/vendor/air-datepicker/css/datepicker.min.css

Domain: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/i18n/en.json

Domain: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/loader/NovaeLooading-general.gif

Domain: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/images/cibc-miles/icon-cibc.png

Domain: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/images/bg-sign.svg

Domain: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/brand/fonts/icons.ttf?30ivlz

Domain: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/icomoon.56d16df14b394ba8efd7.ttf?cm3ztk

Domain: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/icomoon.c05319acd34608c11566.woff?cm3ztk

Domain: cibcfcibmiles.com
URL: https://cibcfcibmiles.com/assets/brand/fonts/icons.woff?30ivlz

Domain: widget.bitacora.travel
URL: https://widget.bitacora.travel/vendor/air-datepicker/css/datepicker.min.css

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
travel.cibcfcibmiles.com/flights/default.aspx	1969-12-31 23:59:59	Name: StatC Value: ZORvlDz46ZNWc42aqW2KoA==
travel.cibcfcibmiles.com/flights/default.aspx	1969-12-31 23:59:59	Name: StatP Value: 9el05dieUUj4Y8LMr8zR7Q==
.cibcfcibmiles.com/	1970-01-20 10:36:10	Name: _hjSessionUser_1572141 Value: eyJpZCI6IjlkNzhkNGZmLWYzN2EtNTExZS1hNjI5LWJjOWM5NWZlODg3ZiIsImNyZWF0ZWQiOjE2NDgyMzQxOTgwNzEsImV4aXN0aW5nIjpmYWxzZX0=
.cibcfcibmiles.com/	1970-01-20 01:50:36	Name: _hjFirstSeen Value: 1
cibcfcibmiles.com/	1970-01-20 01:50:34	Name: _hjIncludedInSessionSample Value: 0
.cibcfcibmiles.com/	1970-01-20 01:50:35	Name: _hjSession_1572141 Value: eyJpZCI6ImJmODQ4ZmVkLTQzN2EtNGM2Yi05YWJiLTA1OTQ0YzcwOTU1NCIsImNyZWF0ZWQiOjE2NDgyMzQxOTgxMDAsImluU2FtcGxlIjpmYWxzZX0=
.cibcfcibmiles.com/	1970-01-20 01:50:36	Name: _hjAbsoluteSessionInProgress Value: 0
travel.cibcfcibmiles.com/	1970-01-20 02:33:42	Name: idioma Value: en
travel.cibcfcibmiles.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yo055dnyinbkskoqejjyree1
travel.cibcfcibmiles.com/	1969-12-31 23:59:59	Name: .ASPXAUTH Value: 1538A1466C34BD02A0964D87C6F4232171F605456B47BB488F2705962A4E81F3900718040BB7DF4BBF85F3290EBFA605E6B9FAC1A1DB3E67BD918ADC6FE9542D09CC1E9C53C33368E4EADD9C72E2C3196ACD61CB253115A74D46CADEE3B952B4D39107F289584C4236788572ECF9A1BC3BFE6FEF147CE3661AEA275CF53B9C49
.cibcfcibmiles.com/	1970-01-20 19:21:46	Name: _ga Value: GA1.1.627250425.1648234200
travel.cibcfcibmiles.com/	1969-12-31 23:59:59	Name: viewport Value: lg
.cibcfcibmiles.com/	1970-01-20 10:36:10	Name: _hjSessionUser_1359146 Value: eyJpZCI6IjM2Njc1MjNiLTRhN2ItNTJkYS05YzAyLTJkYWI1YzRiNWY5ZCIsImNyZWF0ZWQiOjE2NDgyMzQyMDAyNzQsImV4aXN0aW5nIjpmYWxzZX0=
travel.cibcfcibmiles.com/	1970-01-20 01:50:34	Name: _hjIncludedInSessionSample Value: 1
.cibcfcibmiles.com/	1970-01-20 01:50:36	Name: _hjSession_1359146 Value: eyJpZCI6ImFkZGNmZmM0LWZhNGUtNDRhZS04ZDg0LTExYzVhMGNiNGJlYiIsImNyZWF0ZWQiOjE2NDgyMzQyMDEyODYsImluU2FtcGxlIjp0cnVlfQ==
.cibcfcibmiles.com/	1970-01-20 10:36:10	Name: LPVID Value: k2MjU5OThjYTBjNzBhMzNi
.cibcfcibmiles.com/	1969-12-31 23:59:59	Name: LPSID-46543114 Value: PvefnmDsQLuTlGu9SzYBbQ
.cibcfcibmiles.com/	1970-01-20 19:21:46	Name: _ga_SK3VNFNXHW Value: GS1.1.1648234199.1.0.1648234202.0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cibcfcibmiles.com/ Message: Refused to load the stylesheet 'https://widget.bitacora.travel/vendor/air-datepicker/css/datepicker.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://cibcfcibmiles.com/ Message: Refused to load the stylesheet 'https://widget.bitacora.travel/vendor/air-datepicker/css/datepicker.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://cibcfcibmiles.com/polyfills-es2015.0e829e7d3592fcb6253b.js Message: Refused to connect to 'https://firebase.googleapis.com/v1alpha/projects/-/apps/1:898907049037:web:54c26c30aecf7ffb49e004/webConfig' because it violates the following Content Security Policy directive: "connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com".
javascript	error	URL: https://cibcfcibmiles.com/polyfills-es2015.0e829e7d3592fcb6253b.js Message: Refused to connect to 'https://firebase.googleapis.com/v1alpha/projects/-/apps/1:898907049037:web:54c26c30aecf7ffb49e004/webConfig' because it violates the document's Content Security Policy.
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
other	error	URL: https://ifupperclub.cibcfcibmiles.com/#/onepocket?channelID=16&applicationID=31&language=en&preferencePayment=true&chargeUniversal=false Message: Invalid 'X-Frame-Options' header encountered when loading 'https://ifupperclub.cibcfcibmiles.com/': 'ALLOW-FROM cibcfcibmiles.com .cibcfcibmiles.com .go2redeem.com' is not a recognized directive. The header will be ignored.
network	error	URL: https://ifupperclub.cibcfcibmiles.com/assets/splash-iphoneX.mp4 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ifupperclub.cibcfcibmiles.com/resources/splash.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .cibcfcibmiles.com .allegrarewards.com .alle2020.com .milesbynovae.com .hotjar.com https://player.vimeo.com https://vod-progressive.akamaized.net https://junipertravel.allegrarewards.com https://www.google-analytics.com .lpsnmedia.net .liveperson.net https://wearenovae.com https://cdnjs.cloudflare.com https://uniquetransactionws.allegrarewards.com https://universalws.allegrarewards.com; font-src 'self' https://cdn.jsdelivr.net https://script.hotjar.com fonts.gstatic.com https://fonts.googleapis.com ; img-src 'self' data: https://logos.miles.blue https://s3.us-east-2.amazonaws.com https://images.allegraplatform.com https://player.vimeo.com https://vod-progressive.akamaized.net https://wearenovae.com https://.lpsnmedia.net https://www.google-analytics.com https://i.travelapi.com https://media.activitiesbank.com https://static.carhire-solutions.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .cibcfcibmiles.com .allegrarewards.com https://junipertravel.allegrarewards.com https://www.google-analytics.com https://www.google-analytics.com https://npmcdn.com/ https://code.jquery.com https://unpkg.com https://cdnjs.cloudflare.com https://universalws.alle2020.com https://static.hotjar.com https://www.googletagmanager.com https://script.hotjar.com https://.liveperson.net https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://.lpsnmedia.net ; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com ;connect-src 'self' .go2redeem.com .cibcfcibmiles.com .allegrarewards.com .alle2020.com .hotjar.com https://fonts.gstatic.com https://.cybersource.com https://s3.us-east-2.amazonaws.com https://player.vimeo.com https://firebaseinstallations.googleapis.com https://www.google-analytics.com wss://ws5.hotjar.com .alle2020.com https://vc.hotjar.io wss://ws3.hotjar.com wss://ws4.hotjar.com wss://lo.msg.liveperson.net wss://.hotjar.com https://.liveperson.net https://.lpsnmedia.net https://fonts.googleapis.com https://wearenovae.com https://www.googletagmanager.com https://images.allegraplatform.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
cdnjs.cloudflare.com
cibcfcib.go2redeem.com
cibcfcibmiles.com
cibcfcibredeem.com
firebaseinstallations.googleapis.com
ifupperclub.cibcfcibmiles.com
lo.v.liveperson.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
s3.us-east-2.amazonaws.com
script.hotjar.com
static.hotjar.com
travel.cibcfcibmiles.com
universalws.cibcfcibmiles.com
vars.hotjar.com
widget.bitacora.travel
www.google-analytics.com
www.googletagmanager.com
cibcfcibmiles.com
widget.bitacora.travel
13.225.80.55
178.249.97.70
204.74.99.100
208.89.12.153
208.89.12.90
208.89.12.91
2606:4700::6810:125e
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::200e
52.219.101.97
52.85.61.112
52.85.61.20
52.85.61.25
52.85.61.35
52.85.61.52
64.76.235.73
012dfb64cd47293fcf7d693aa90712a0ca42d329dcea14f08a118b08ea91ab41
02a4e091ba452b8dfd36db8cf6309a6384f3c7877d29213ec5709cb572f0ea43
05a3eae5487356555f1ed167567a9d9332b292ff96a49db7ee7f9454754e0c7e
05a49db9f26c1949986bb7f3d04ac3912926f58187b68a125b5d351ab8356a26
05bf48804eb1bf4da9484e4ed401b617328f4e554189dd42696b8f80f6aa1553
069dbc2133c191ca672c67bd67e9c787f58645acd33d79800efba5d3f8fecc10
07a0604f32bc9424f9f0e6c1eb9b828bb6f20f5f8cdba2737e5162fe3d7b1f36
092ce7755eed832fb7b444c41938b67f2d3e3241d88f87c619a93c4cdf333cab
09aa91987c90c63c8a22e93e8b4c7887d9d93fe8eb9676724309673f83a3f2ea
0a1390773b5da9fb9da28a43210734923ee13b324dafa12894ed0f006474b813
0c9d24e6d8fbb159158363c6b8fed921df58efe25add722af753749c219c8e5c
0dff1ef8bd872c8f16fb0a22b68333ae2d72bc9bf0bb55275c589c1ac07dd221
0e2e8da6bd0fab4d58ce1df87ede31c7d41081fae677b685cebdfc65639d383f
0e3a16a7526271fa4ed8018a36a953a3b22f128cfd6737eff83ef3c311c62901
0e3ffe08081a6dd61294b46ad562bde8f183b18300b19b96507695a91986e42e
0ea889eead3d7a70549f2958199a55540521b7c06c3a0e8affebc7cb487fc92a
0ed39d4b0ca21aa0932c77ab089775271c66a789da6a5a28b057758360854694
0fa8d54f7e3f3f058d392d57d9296b096567bd6d5eeac9085b888948ec664048
1067aab41e2305267982554fe43696400b90373e94d669a413441acc93787965
137880b5c04cec30d233189acecbae700caa764b784f670ef1bd04424b59072f
13ad641781e6dd5f2134fcfc9b1589e3c66902b69ccbb68b74d3bd139c1e324e
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
1526634392b37b5e9aa816b244b9f9d2dcf1ed0b110389b7c79b991b74a83e3d
159fa5b16070194e5003e1ec8dd6afd082efe84844469306e8c6d6ea346d0093
15a3b13fe650dcee816c3e99f12579130bfb97c7a6857d0aaa0a3e853715c4eb
1fc7a85d391d66fc42b1fe43f5677728ffc14d8b54cb0df2e7acc380ac04a50a
20b472bbb66c1e1bc5b999da4672a763aba2c0927331db15d7f747f7eaa3ab53
2190bea6a046d0c3ff41efd7ac3c48a511ec2190153b74f6e8361b29a4975d26
2243a42b6915dade9c9c5ea24f60a26d38780ebb5fa57993279b0f5f8b6303a3
238b2ab94714de5dc29e90a2a270a6f67d0ed95ee56013ac1ba3b8433efb578e
23bbd8945ebfe12d275ae179175b6de34ccab6105197b8bbdd66701b8561523c
245be4b2113c03a2a8509cb4405b6f6d20ce3dc4077119039b4a2b5b344e2b99
24787c269284ba9992d91ee0c0d472f56b479e3c28bb7066fa31ae3808b706a9
29fb8b9658ff2ad79baac247b2fb3a1080dc8914011502e95d76c275317b63d1
2dfd7286cac1ca92c049489bd3e3430f72a5223dd83aab3e5884b13801e165ee
2eefd24dbb705cb3290d2968473d7e4dbad88a658aa643ad94688418a29be8b4
2f0d9d561361ce8ddaa7bb093ccad9f040d91e955e45138988cbcdc0a04b4c28
2ff77d5ad1a7b7466bb8dec1981f2e6c5fb42b12711ae75282a9a8923563a8a0
300b6228b363e19b9968505ca8b6236f279e968999817b76f84786627848cfd3
30ce89c37e7478808d7ca1a14735ab00243640e1251e1bea0e575d035dc36883
33d484a7b8497b0ce14268931395c7e7bbf444c3e2d70a66a7fc2a6769e621d9
395ec15d1f7fcafa7a2b39c6376edfafeccd65be3b11071a76ae202c4f9ac055
3ccf14a5c56cae85e105a52ac31df39265f92751c411de981ba9129c15f8ab3e
3e7916504fe5c2751ee680f76818b98dfa2add8c3a5a1d9e82d7bdd970cafed7
3fa5c9c3de640b68d97da2be52bc5b324b0e98039996618c5dc35b49a190e03c
41f28964d48bdf98e3c73d7746dc31f278eee23a218d7ea3dc427738f1b30e00
421e940d6f97605b150e72573232b2a2a00b812de0cb880fc82d681cc0027b66
43572879bb2f357fdc923f1b3da191effd738724e03658ecb8a26e44f26920e3
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
45cb6dceaef639f01af719a200c43791364432b9815649374e614ab79da4eb67
4709e23e7f78f26406956e5915d58ab3db3f6e3e5a0f6da4afb6656dfd2977ef
475bdc2a748b0813719b33eb2a726e1b026e154940fc43e0cee4ff44d4b1a117
493bf914cdde395596b8c5b416f7875e13c67f16d9fc88bb7afbcbf32bee1e76
5125b25c87d3baa6e7c90c31501e2e33f4d679aa588c463f437db0fc6d694b06
516fd9b1bdd0829544cefbf49edd287ac7d6b7976edeae62b1913c81ae039e7d
51d6932b261f9d4054aa9d4e268841011b5745bac57e608845e73ee079238852
52ced8c517321c5a3b0789a979c5010495c663b0094c74726469351c76b8a272
541240ff3f6a5bc8cf3469f609d35799d702171e0046953d696b3ff0f4251226
542d03237568982513ab4ba62f156d113a06a70dc0ac98e757de8ffa238dad07
54e629985f44b6105c2780988194a625d5faaf0d584c21bd9f5c913dbade5ccd
55870130e781a2c5b59de90cb1ea4f8b8a72ec858cb519299cc1b2cc31e5795c
56c73808d2932a6dae12c40b268d07ffd7711a9e24087771e25e86c55b27f813
571ff0b1004ba207916eae3e5563b3d19a02064736d885613145ffd34051a5af
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5ac3989ee52d37bc16fed40078935b00aaa0473e8c5b690e647e18ecdac49920
5bbbf47a5ee57bfd0d6bd93062ad070dbf72896d5ec51a8fa080d77f10adedc5
5d9fd9f183790a96ac3dd3789b5bf1e59017dadd0981092f628d82f67d8e12ff
5eac289860b491f0d9faaae3b849e6f1fcf0093c6b36181fe82033cb7ed91a9c
5f2393c91e6ee0c9a3760d170ef38366a97c6ee44824c0a59308224c9e1a8667
653fdc023e4cb0aab40cd367827ef396687bb13419c46794ed383547fed20bdb
68ddd085037f42a48bdae2effd1beb04dc0868447a573fe5236b23e1f3a9ecd1
6999fdc9609efdc547019029280ce7f9b77175a577247bd07e0d25172e769b2a
6b9f92001dffef5cc30e354250b69810699d542a16e828ddcfc4059ea22d26bb
6cb14f37f490f607bdfbbf2652dbdf192754a056c99519941304eaf2460ae970
6de54d4b47310ba00a978e489d3d2c35ec008e7225025863ae0355ace2d84d7c
70659f0da7834c49e51842f93f7f2352a8ca9aaee9638ddd4fce2beceef88853
70ad4604e3a0764828f361da61060ff73e6de845684b21a01df31f9de98b35d4
72a09e2cd2b061b271e723a7980b01294cc9494c659b4d19139ddf7719902acc
7423f4da22d73a00e2e8a9a9fb99595f650e4691c2ba310c22b70fa37d1f516b
76432b02a931390985e0da1f4adcc6b7d2a44387d518c094002da4746a79ffcc
7734bd9d27874269f979240a162cf94effdc39ef644a712b36d56b9534f89f37
7a7baeda4e1558db54a3a879c9f1d3497defbe4a8c313f11e1b1819af93a9391
7aa9c3845000675fe8cde92c565bd7bc7de7e3e811219b11780fe5c53c99f288
7bda3f26d0e6f14386e84a357f52188862b4f68e697f97f7cab2fe12d8226b08
7ce7cdeae1239195a310df99a813831a57a122e1e61dd85fa27d16443322c706
7d3fdc727d4e08b6ddccfa053f73e5e6719987a2317d0e85259e6f24a79c9cc8
804c9cc533032eb2deca929999b8b1d7f5ccadc07bb99c436ea75ed3be0b86bb
829cae1e7ecbbc5d28f32212f38a55a78c904b7b4f3e7ef64a6dfac708337bf3
842752d0eeb04509a57f044d4bf65126cd5d43c5d39f0a9112b22c8cbf02c038
84553e16190e8f6643dfa76c6d03354fd05d07bc287ff3de112ad8e752465d62
86b225e580c747d4a4a7b2df712c7af0e531259af4843ec8d8be0f5283601218
86f530a1311315ae5bb3c95f04819ba52dfe4932a2fab3a7a9adaaec267685c1
889638b8c65d310b9a933373b2812397a01d4d3ea1a8260462566992b6e6fe52
88dedbfdaabe18a38af2216c415b81378e7221087bfb2e1fc173607698a10d6c
89a7d0678a22c268d7fd83ce021f7d028d97c0a98c5343f85283ff01fec2f569
8a29f8dffd208fcef7e89a651aa1fb74ade7123ca1eee4c22c21f453ec56b7f5
8a2dfc4d3f9d5bbf213b9a8e39e579e97f155c35370b429e3f18c73722316c0c
8d7ec26db4b39364ccefef83632cd92c628dc823839c150066e37852848e0fc6
8d94099b0f42fd52830fc74a542d4231cfdd124ca6be7ab8efc2bf5dbd5d3f09
8f08bf357c6e471b03c0ee03976e75c51e0b24f7982bdd7b58b393e89d648712
91014c308fcb40b4cdfdff2eea60932b396c8ede6af2c4bf96271a8f2258a8bf
928120b01fdd2f93a345f1fa8d80ae7f6e284f1a50356e0d04ef5a716ed9ad5a
945d63ea6dc286d5d6de0d78b49beb636d823babd4fe36f7494b4c6e74becfa6
94cbb1a3eaecd981dddec78c1cf70adb6f0b5debcccc4f815689d6968e58929f
95f0160c8059187629574e1d85a563f229d517c3eb8da6db2ee05a65d476b53e
98c89cfbfbe494d731664dd5054ca1acda729e0f4ef1f658880ed056caa1b10a
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
9a18ceb0979858ba96a839b32359c3febdf1c2fc029424128215a5ab87815c79
9af93c6b72fcc45deb6ea4919f4b2d1a9245cd994b49195ae141460765f9e5f6
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9bfa134df1fbfaa4d894c98022c88e025226e1e10974921182b815f20e3f7aa4
9d7d4c0bbd38696d78c18087fa29492d50076ef8ea5811cc4193fceb076b8625
9eabecbc19d18bd61f207221bbae796d0c4b6c3ee60903f1e73e36ff8c4d815c
9f04f42586114f903d7c21872704a64cfe12c55925d0460e7529a7bcbaa130c8
9f9d4ecbe4e705211a747c6bf26d29e184073b067e8b5c6a96438753d0699693
a2017ecf9802db3f3095ed96372862d729c5baf9dbc12a9d9fa7c5064536b29d
a52f98d258bd8edf9f7804a1aebb7fac868b302bb32aa4f4ec934dfc37742c71
a754c38de76628e49d2fda802371cd28e4ce1c8fb568d7b8947c34897d9fe033
a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622
aa1a2419b9b615852c58b83b7cdf67ca3eb6b8a1aba41e59ca01d41ebd58cc51
aaa06c0cdca1459b305dd668d9f1625fc26c8fb83b61ce830cade8374c57fc21
ab469a116b01bad030834876654b68134de9ab86443fdd28c24c44c6302e8deb
acaf08d93d1f9689d82b7850101420bcea1919a4d314058c3b52762d8b43c212
aecad62a4dbf7a5048d36eac2d68ceea32085a69415c760fe93217446053227b
af22d65d0289d954f8147aa1eafe8378218244a31dff9edd6559c8009fe151e4
af79d1edf85558a1e4df4c8e059fac64e79ac065310c976c5c632e612932c81b
afa6aff867d57cecba01bb1af4ea9fded46fe8e53068c39cb189fb93b0a7d0d3
afe726a79bc1ce2e76061ac479595bdeee63be992e5895c79388b7237c5aacdc
b46906ecdce3b9461ec7c6d45317a0cc56346ba386425d3247b8899a32caa24d
b4e0fd246054358b3417c9da10e49410003adc532acd8f08a12017930aab7a1c
b7079975bee6cb715358873e976e602cfe10b47062aa0098bc706353f2aa620b
b7db7de0e673fb6f20363c2848c3ea1455f0c9a7160d47077f6c31278691fb0b
b893957de21b1e6017131e153a6d5b9e57a63420f60e4bb36797f165623d8157
bb1786084b9f9a13981f0cb84a37def2537bcc66542dd335c54669ff5efe8015
bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c
bd7811bd8737e03992a0020029514a54a3404f257308ac65a7de0984233df00a
bdd41ab1218dfd4e49a6f8e334d833e95adb61c4bf2c399e288fa5f9acfb9ddd
be593468093816b5b692d4f5d58d5a05939540affedd01069fc869bfb1d43e63
bec3b6e7e676acda40ba89af68c8cc2fff95cde5e5eb3290b0ffbf8b004210c7
bf327a3676921093329300a1d7e98299ec9e03a0e9e38d43c76616b85575e774
bfcd2c7262704f64e60030cfb9d2d2a905cb7d93ef411c3b7b53eb30ab355596
bfe25e9ed52a3a7390f3222ed0b78f51fc34fe1661db26a5ea471ab61129a69f
c2c9c59c0b62f22ee7916d37aae5636140a77d35aaf59eab43bffe27540e8a4d
c363fc5575918f22b56b0fa54fa11165ca0a620f830cd353bd37d81af325c2c1
c3a29ef9dab1c8ba7e968ddd08cb574362b16038cb407293d5f10d5e7fa15763
c3c68276f37888b2095bd3e02cd0ccddbdd94de0ce2530a3cf70655a3d9f12a4
c45c5771f2d0618f99764e3d26f9538a4811f82842dd5ced90a824936bc6683b
c571ae34f387c9b81381036896ea4f6c438f76282846bd3f0ebe159bb510018d
c6e303cdbeb60c542a0650ebe70c84ecddb0e1818b59f957f8725e9ff6453f76
c6f62b46bcaa544a9c14dd6c8e8455566764b5d2755c5f51f2c0f3b719850353
c98b190beb8457b2c6389e9a89e33213f40dc0c542f9eae02d2b648632036bd2
ca3d630a45c054180866155375b5ba7cfb4ca703797235444506807bd56305d6
cb8d6b9122706f26f20c5c779de0981c1e3cdc8335f42360ff83da82463745a5
cc271c2e465f8695a395168535ce10d61d5c9e084d52d8ad415c1852e7101831
cc9e08e6e5af3bd93f0a68b1d10ccd5923cbf42ffb0a54ccf9166a5587e22918
cd682dfda08ff60cb63ec08fc2e59a9d266177c25cfbe7b53400c5febbc22399
ce42b2dc395d719e610566929c94f3d8b6b189a543c0f41dae490c522d466495
cebe5614902d18b2eaebfa3e7dd08b4166e4e1ba67864df3c36483f24868a6cb
d0f436537f407e1e00dcb9f118fe1027611dfd0c75319f9d654807c5009ef6b7
d1a10b36947341679208c391fb29304c2a62c08ef5c0576ae4d569c12c799a93
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d46bac93ca7d097d358fcb1e7c8614882ee006802bc97efe614514de220ebedb
d6312a87831d569843b9c471a6a5125a45c383e513bc93637b86c428ccaaa1ba
d666dc9812b32f9c55da31c41d00900181091bb3e2a9e774410b54aced305618
d6d8dd97023ed0f4b88db2cb3cfad8562c9c8aff1611e9b505609eb2bd1e570e
d7b111f20cfb1c936139ab31eba784db450ae7d14bdfd22328edae3348987df2
d957228eada1441819abef69178d8f411878e29601f08455c08aff2ae255b933
da27d95f1aa629807d0ec540f20985d0a512cd0a3ba84dc2be99743e49392f17
db618f11ce819be858b45b4881f137b3092e041c234df464584939a86a488151
df233c3ff16a3ba7841f3577f2cafa390a5a8c3f6b3d05e2dc527bf9b04de922
e0147f59176de791b24577c97113c6a7ba545b0250028687348ebe792940fe1b
e0ecb6c51247a6af9d6e274d834e94ec6a78b07afc978e5a2a11f6248917ae90
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e2ca91f4d52b0f418a86dd7eb21d63ae374450315ec1797f46f3191532d5710b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46add2a8e15df2649702a4dc1f56b756cd2247cb747061586f0b7d147eeb711
e542ac60e7cddf286a6d1abdd3f229fc7a38e214cee01810c3a62fa71ca7e372
e68b949cc5f64e5d3e1cac128a95d15a68712fd77b74a393ba33e2c9cc6e5f7b
e75598183241f0a1663b4415f0fcc3d8d6887afa4c2261497963571946a72327
e777ed383707256ba3cfab24b9c3bb5160e4427c15f4bebc92f43e105eabb3a1
e89d1dbf733eb4602011ce483ef4f0f4c5759f835b682b800374fb4f5e98547c
e9e61d12e8e162c61bdcd767ffaa02912ca9706d6058f5db6dd6e52eb11fc177
ebf7717e137ee7d2d27480320336e53cd7b6a8d605a61857f0ca470e00b582df
ec21b5b94069d2c27b12c222a373169c40d647125cd7d5b391ea1dc7e568f987
ec30ee72b34739103b4fdc45571589ae8b3221da700f5230ba94bbb18e1db70b
ed29ffd58d49d6e9f168faa18cd3f2e6a4caaaff5cdaba1c62c7c2ce093010e7
ed873b82fd306f99d20e8428cf44a26943dbe2b3037d04b23fba4188a4564975
eedf3bfe9631158937a8c728d31a8a8221564450ce6a033be3555a7c21719b26
eef200cc2739d58613cae77ce7b5e9fbe1f3706abfa09ea96e4f6e69a0038e3f
ef905f3e7ddb5b981c1a4ee0a6f3f40eafcd6c66173eab29c30a46439e05f845
f3ae0146c0c0ef2fa275f31f24ae49973f7011ec16badafe810b131ceb34d651
f551d38fff74f5f1b2c1df851828059a2ec113a52c2017cdaebee5ee93140ad2
f5fe44760cc7b6438ca9e9e2003b24d51169e3fca1a589c55d744d2ddda58219
f61d9ed801ce151eeea72a2141a3006e85770dbe8cba07f96b886b1b724b1a78
f7608f06056eaf0ba34e2bb129d065c4fb4f084cc9b7632a34be39430264c461
f78264f3edd1037b0e3ae430daacc77ce2b93bf91c52cc488ddb43b162dbe82d
f8f71650870d97cdccd6b4794344502711fc6c6879b8901e934d24176039bd81
fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801
fd680cee2be4bba3af8662239a9640bacf37a94ca07cc4494b96933ca16ebb6d
fdff3eaa89576dcaa7c6692632b16409d7a577297e24e963d93f261195e4a892
fe5029f69a5a4b2d30a509057c4058284ffd5f1eecc125644596c2df2af6ef26

cibcfcibmiles.com Open in urlscan Pro 52.85.61.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

232 Requests

96 %HTTPS

24 %IPv6

12 Domains

19 Subdomains

16 IPs

2 Countries

25223 kBTransfer

40901 kBSize

18 Cookies

2 Outgoing links

Page URL History

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cibcfcibmiles.com Open in urlscan Pro
52.85.61.52 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

96 %
HTTPS

24 %
IPv6

12
Domains

19
Subdomains

16
IPs

2
Countries

25223 kB
Transfer

40901 kB
Size

18
Cookies

232 HTTP transactions
2 data transactions