rewards.berkeleypayment.com Open in urlscan Pro
34.205.248.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rewards.berkeleypayment.com/
Submission: On July 12 via api (July 12th 2023, 6:35:36 pm UTC) from US — Scanned from US

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 1 countries across 18 domains to perform 58 HTTP transactions. The main IP is 34.205.248.193, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is rewards.berkeleypayment.com.
TLS certificate: Issued by R3 on July 12th 2023. Valid for: 3 months.

This is the only time rewards.berkeleypayment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.205.248.193 34.205.248.193	14618 (AMAZON-AES) (AMAZON-AES)
2	18.164.96.103 18.164.96.103	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21e... 2600:9000:21ea:2a00:b:3165:13c0:21	16509 (AMAZON-02) (AMAZON-02)
2	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	204.141.43.67 204.141.43.67	2639 (ZOHO-AS) (ZOHO-AS)
11	18.164.115.5 18.164.115.5	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
3	108.139.29.53 108.139.29.53	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	34.198.74.222 34.198.74.222	14618 (AMAZON-AES) (AMAZON-AES)
13	199.67.85.76 199.67.85.76	2639 (ZOHO-AS) (ZOHO-AS)
1	2607:f8b0:400... 2607:f8b0:4006:806::2003	15169 (GOOGLE) (GOOGLE)
1 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	18.235.124.248 18.235.124.248	14618 (AMAZON-AES) (AMAZON-AES)
1	34.200.5.231 34.200.5.231	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.4.172.57 52.4.172.57	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2	136.143.190.97 136.143.190.97	() ()
58	20

1 34.205.248.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-248-193.compute-1.amazonaws.com

rewards.berkeleypayment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.96.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-103.jfk50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21ea:2a00:b:3165:13c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wbjksx0xxdn3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.141.43.67 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.164.115.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-5.jfk50.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (Flushing, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.139.29.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-53.jfk50.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.74.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-74-222.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 199.67.85.76 (United States)

ASN2639 (ZOHO-AS, US)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.124.248 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-124-248.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.5.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-5-231.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.172.57 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-172-57.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.190.97 (None, )

ASN- ()

salesiq.zohopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	zohocdn.com css.zohocdn.com — Cisco Umbrella Rank: 13777 js.zohocdn.com — Cisco Umbrella Rank: 13431	493 KB
13	cloudfront.net d1wbjksx0xxdn3.cloudfront.net d9hhrg4mnvzow.cloudfront.net	414 KB
6	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1592 insight.adsrvr.org — Cisco Umbrella Rank: 603 match.adsrvr.org — Cisco Umbrella Rank: 383	6 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	386 KB
4	google.com www.google.com — Cisco Umbrella Rank: 10	2 KB
3	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 24718	66 KB
2	zohopublic.com salesiq.zohopublic.com	7 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	615 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1662 beacon.krxd.net — Cisco Umbrella Rank: 620	219 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	3 KB
2	zoho.com salesiq.zoho.com — Cisco Umbrella Rank: 14213	51 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	113 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 20443	37 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 28135	282 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 169	2 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	47 KB
1	berkeleypayment.com rewards.berkeleypayment.com	11 KB
58	18

	Domain	Requested by
11	d9hhrg4mnvzow.cloudfront.net	rewards.berkeleypayment.com
7	js.zohocdn.com	salesiq.zoho.com js.zohocdn.com
6	css.zohocdn.com	salesiq.zoho.com css.zohocdn.com js.zohocdn.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	rewards.berkeleypayment.com www.gstatic.com
3	match.adsrvr.org	js.adsrvr.org
3	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
2	salesiq.zohopublic.com	js.zohocdn.com
2	ups.analytics.yahoo.com	2 redirects
2	dpm.demdex.net	2 redirects
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	salesiq.zoho.com	rewards.berkeleypayment.com salesiq.zoho.com
2	js.adsrvr.org	rewards.berkeleypayment.com match.adsrvr.org
2	d1wbjksx0xxdn3.cloudfront.net	rewards.berkeleypayment.com d1wbjksx0xxdn3.cloudfront.net
2	www.googletagmanager.com	rewards.berkeleypayment.com
2	builder-assets.unbounce.com	rewards.berkeleypayment.com
1	beacon.krxd.net	js.adsrvr.org
1	usermatch.krxd.net	1 redirects
1	insight.adsrvr.org	1 redirects
1	fonts.gstatic.com	www.google.com
1	events.ub-analytics.com	rewards.berkeleypayment.com
1	www.googleadservices.com	www.googletagmanager.com
1	connect.facebook.net	rewards.berkeleypayment.com
1	rewards.berkeleypayment.com
58	24

This site contains no links.

Subject Issuer	Validity	Valid
rewards.berkeleypayment.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-21` - `2023-07-20`	3 months	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-25` - `2024-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.zohocdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
zohopublic.com R3	`2023-06-27` - `2023-09-25`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://rewards.berkeleypayment.com/
Frame ID: B2D7B7ADB530B950C29455D7948FE5E3
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh7QIlAAAAAHyfZuGskLZUZ8wdOuALqWn1ojW9&co=aHR0cHM6Ly9yZXdhcmRzLmJlcmtlbGV5cGF5bWVudC5jb206NDQz&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=o0hb34pgzezs
Frame ID: BF0D687C41C7FED9DD83B20D7943C7A0
Requests: 5 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=zhm4xnd&ref=https%3A%2F%2Frewards.berkeleypayment.com%2F&upid=iwwygfj&upv=1.1.0
Frame ID: 9015F983741A08399D9F1798D6DBD11C
Requests: 2 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ba04b343-cbae-4492-a920-95e5254060dc
Frame ID: A9776E0E312FCDFF46F2A6D4783A383F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: 3CFC22C6756D2B5C98BC4B5668680679
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mXPDfYxE2uLf.znAcxvVLtFN5hxT9vc-~A&gdpr=0
Frame ID: C099199ACD05D34FA6B9B7CD06525376
Requests: 1 HTTP requests in this frame

Frame: https://css.zohocdn.com/salesiq/styles/newembedtheme_b181c7e2367cfe4e97de8b09c18b910a_.css
Frame ID: 84CA28CDF17A12CE18539044AE60EE24
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

58
Requests

97 %
HTTPS

32 %
IPv6

18
Domains

24
Subdomains

20
IPs

1
Countries

1636 kB
Transfer

4115 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061259981/?random=2041033257&cv=11&fst=1689186916143&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Frewards.berkeleypayment.com%2F&label=o8uiCLrShpoYEM3dtZop&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1041151544.1689186916&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ZPKuZIGrFbGcoPMP7qiGuAo&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI4RHZRUFY2cHNIZ01YTnRuRFVPX01aR1N1SGZ6cWVyYU9pRlYxak5rQU04MncaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjJ4WkpFbVQybERYR01lSmd5U2ptNTg3NUJVUDVuOHR0LVlTVU5pa0ZKZ2ZXTGJ0RXdicE9EblEiEwiB7e7Q54mAAxUxDmgIHW6UAac HTTP 302
https://www.google.com/pagead/1p-conversion/11061259981/?random=2041033257&cv=11&fst=1689186916143&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Frewards.berkeleypayment.com%2F&label=o8uiCLrShpoYEM3dtZop&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1041151544.1689186916&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI4RHZRUFY2cHNIZ01YTnRuRFVPX01aR1N1SGZ6cWVyYU9pRlYxak5rQU04MncaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjJ4WkpFbVQybERYR01lSmd5U2ptNTg3NUJVUDVuOHR0LVlTVU5pa0ZKZ2ZXTGJ0RXdicE9EblEiEwiB7e7Q54mAAxUxDmgIHW6UAac&is_vtc=1&ocp_id=ZPKuZIGrFbGcoPMP7qiGuAo&cid=CAQSKQBpAlJW6i_qnbstEOOrsLrwvt244emL_iM8vNhBEXRoPvrjQtClQTXV&random=112598494

Request Chain 41

https://insight.adsrvr.org/track/up?adv=zhm4xnd&ref=https%3A%2F%2Frewards.berkeleypayment.com%2F&upid=iwwygfj&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=zhm4xnd&ref=https%3A%2F%2Frewards.berkeleypayment.com%2F&upid=iwwygfj&upv=1.1.0

Request Chain 43

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ba04b343-cbae-4492-a920-95e5254060dc HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ba04b343-cbae-4492-a920-95e5254060dc

Request Chain 44

https://dpm.demdex.net/ibs:dpid=903&dpuuid=ba04b343-cbae-4492-a920-95e5254060dc&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=ba04b343-cbae-4492-a920-95e5254060dc&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

Request Chain 45

https://ups.analytics.yahoo.com/ups/55953/sync?uid=ba04b343-cbae-4492-a920-95e5254060dc&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ba04b343-cbae-4492-a920-95e5254060dc&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mXPDfYxE2uLf.znAcxvVLtFN5hxT9vc-~A&gdpr=0

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
rewards.berkeleypayment.com/ 72 KB
11 KB 380ms
131ms Document
text/html 34.205.248.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rewards.berkeleypayment.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.205.248.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-248-193.compute-1.amazonaws.com
Software: /
Resource Hash: a12d6eca0b2ff544f0a77bb951ee35d7719ce9858629e3d89d6209979f41a4eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 10735
content-location: https://rewards.berkeleypayment.com/
content-type: text/html; charset=utf-8
date: Wed, 12 Jul 2023 18:35:15 GMT
etag: "a:5760f2930e9b4409b60c2aae58de740d"
link: <https://rewards.berkeleypayment.com/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: b6e178fd-ef0d-4945-afee-4ebec6b5befa
x-unbounce-variant: a
x-unbounce-visitorid: 5760f293-0e9b-4409-b60c-2aae58de740d

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 222ms
63ms Stylesheet
text/css 18.164.96.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-103.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 07:05:09 GMT
content-encoding: gzip
via: 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
x-amz-version-id: L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
last-modified: Mon, 04 Jul 2022 16:47:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 26220607
etag: "4458a4d76a70cb207bcc34d6bc6f872f"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: q6spdZxKOFM3YmXh96mYMrE4LaS2CxMl1nCb26CN10nTxQQCmHx1tA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 266ms
104ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11061259981

Requested by

Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e14853c9a18b8e2264fcd908f9a410515b063a36bc6e18e7c9c4f0ff4ee961a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73404
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jul 2023 18:35:15 GMT

GET
H2 200 ub.js Show response
d1wbjksx0xxdn3.cloudfront.net/ 5 KB
2 KB 319ms
71ms Script
application/javascript 2600:9000:21ea:2a00:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799044
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:2a00:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:24:35 GMT
content-encoding: gzip
via: 1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
x-amz-version-id: DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop: EWR50-C1
age: 1386642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1864
last-modified: Mon, 26 Jun 2023 16:59:10 GMT
server: AmazonS3
etag: "118cee1e64f6b283233c55aee7da10da"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8XHo1xj0ieDH4zJOwrcuRtWeVDDLeQAzXxKHlJRh-awzs5eoBHtabQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 242ms
59ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 03:56:11 GMT
Content-Encoding: gzip
Via: 1.1 061a00fb73c7b9b18dbae9db08e7a852.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 52745
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: hcL9Kf7SOBxC6N0yk8WnVJjDkja_BW2bmnIS9W6LWlb9pEE39cY5rQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
873 B 322ms
75ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c5f2fc4a7d1ddd45d3f965b175b70973260f079bbe0fbc6eb5feee59d41a70e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 553
x-xss-protection: 1; mode=block
expires: Wed, 12 Jul 2023 18:35:16 GMT

GET
H2 200 main.bundle-b8bce47.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 75ms
73ms Script
application/javascript 18.164.96.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-103.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:28:12 GMT
content-encoding: gzip
via: 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
x-amz-version-id: Z.WbuyCoilnUdm7ymqWQhG0_enogTBjk
x-amz-cf-pop: JFK50-P5
age: 691624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33784
last-modified: Tue, 04 Jul 2023 18:02:44 GMT
server: AmazonS3
etag: "a58eb6cf7e4cffa8041bdd43da1f4791"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EF08ZSIyHsO4GV9NvXy0N57CU2Cu7Asgtbkv9jQGrjxUj9Usdxmsig==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 316ms
68ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jul 2023 18:35:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: wYLfds7J2xVsmxj4e3SDtUwXUY2PRgrOQEWGFaPZBzpORZo76DGo/apThEhGD5gG6moHYbciekdkE8XLlVoDLg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
41 KB 106ms
105ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLLL3GS

Requested by

Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3feae90155fd239d50449a9477041be2b880896f0dca90d5e08067acc6ee81a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42123
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jul 2023 18:35:15 GMT

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ 135 KB
41 KB 451ms
204ms Script
text/javascript 204.141.43.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget

Requested by

Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

2e9b5e6223527bd808a0627d1fd1681dd3f8ec921b5070b5f21ede83aba0be1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
Date: Wed, 12 Jul 2023 18:35:16 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
Server: ZGS
ETag: W/9f4ea4900c28808585e7919deff1e6f556122734e683b86d409c1d15dc5bc2d0
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: keep-alive
Expires: Wed, 12 Jul 2023 18:40:16 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1ec1591c-rewards-incentives-background2_10000000hm0u20m500001o.jpg
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 5 KB
5 KB 384ms
143ms Image
image/jpeg 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/1ec1591c-rewards-incentives-background2_10000000hm0u20m500001o.jpg
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ec0d5bd03ceae0a1c586f333f708b97dfc702f1ea62bc5521c30a723596aec6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: YUPd4ipzRP08YUKtjRwL3Z6lkFojZAF2
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "41171729d5bd2cf095ee099f0be3aa49"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4965
x-amz-cf-id: azPisS4x527Vo8sod2GZeFrxDRl7LMzvt3JVdXxLaJd7nd8nEbOmmg==

GET
H2 200 6896bce7-rewards-incentives-learn-more_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 11 KB
11 KB 450ms
210ms Image
image/png 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/6896bce7-rewards-incentives-learn-more_1000000000000000000028.png
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 798cb9ab4d524eefcc1fff198c5e9736c690fe5b2704af123005e4ab508e4196

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: UpQOcPfVlmRuJbbilWYcOqhMtRb7iOJb
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "c70e966b7210babccbc1499acb113208"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 10845
x-amz-cf-id: w3jEUJ93m0nM_9bx0v22c0iCAbRSRMaXfPeCYRXCF_1TKM1m143EVw==

GET
H2 200 70613de1-rewards-incentives-get-started-b_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 5 KB
5 KB 431ms
192ms Image
image/png 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/70613de1-rewards-incentives-get-started-b_1000000000000000000028.png
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6e900c7904ac31a981f9ee11b308425bcd61450288e5e20cbfff5d2695e8a60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: a4oYEcPg4CIo3daYHTdVWi4iNWf9sRR8
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "9b3d117bbb0dee6d8804811763a2bee6"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4740
x-amz-cf-id: 4H90AEnSnBsGMx_H_r4wfgLsJOEjGYACFIYH9OPGhPpUTPRuo_KaSQ==

GET
H2 200 79cd42a9-rewards-incentives-background-b_11qw0u000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 18 KB
19 KB 368ms
130ms Image
image/jpeg 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/79cd42a9-rewards-incentives-background-b_11qw0u000000000000001o.jpg
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 285eceeca0df23d7ee358c167a539b4e760e85a3fcea43728a2dabfd00f24f4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: EToShocz3.WYMp6RQgxz3FbBqjpU.E1J
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "dea8a32140926d405b17a2a213359180"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 18762
x-amz-cf-id: PF49AkabLiFmTVy-8HGLOY6DMDMmL5NjDmLSrAP95lB_WvMtF0dJvQ==

GET
H2 200 b83325d7-rewards-incentives-paralax_11hc1m600000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 32 KB
33 KB 392ms
155ms Image
image/jpeg 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/b83325d7-rewards-incentives-paralax_11hc1m600000000000001o.jpg
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbeba5c39f4c8dbb9b9a0180608697113a979b02d1b85af9ab8285f038f3e47a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: zC9YKFHpdbbNTGTHAlSuNcxgg9WQBzTY
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "134eaf179f9f1f44f5e251322451518e"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 33037
x-amz-cf-id: n2c4CtmB40qqsSX9eFMjt4bVS5dciE4AbiJUzv-JwLDO1gAnJr1oUw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11061259981/ 2 KB
2 KB 237ms
93ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061259981/?random=1689186916059&cv=11&fst=1689186916059&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Frewards.berkeleypayment.com%2F&hn=www.googleadservices.com&frm=0&auid=1041151544.1689186916&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061259981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efd6b6c981727d003c8651853ac516451bf858909773e77181616e23af6502ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 18:35:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11061259981/ 3 KB
2 KB 244ms
86ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11061259981/?random=1689186916143&cv=11&fst=1689186916143&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Frewards.berkeleypayment.com%2F&label=o8uiCLrShpoYEM3dtZop&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1041151544.1689186916&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11061259981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

9b146c60afa4a7418559068ef27da10cd255834a3e3fa8c0c6dea008cc2371c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 18:35:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1553
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK ffaac5fb-df06-4f01-9d7d-2bdca49c4ccd
https://rewards.berkeleypayment.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rewards.berkeleypayment.com/ffaac5fb-df06-4f01-9d7d-2bdca49c4ccd
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 6 KB
1 KB 396ms
120ms Stylesheet
text/css 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Montserrat:600,500,700%7CPT+Serif:regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

f288fe4f563483fea1755a8a8211cb463efe0a3d4cfba3abd205bd0fc5bd2226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 8e923e72a50f75048382f193bf6c8c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
x-amzn-requestid: cc42b872-2430-44eb-9bfc-c84f83526567
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: H9rPwFfCIAMFeMg=
content-length: 660
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-64aef264-2c1de0d6137c78810a113dd9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: N-P7DKXQS4b5JHz_yrmWzB1_JlvqyemK3MzYcaxiKuIb9SVYDmZGmw==

GET
H2 200 f2a36ccb-berkeley-logo.svg
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 9 KB
5 KB 133ms
131ms Image
image/svg+xml 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/f2a36ccb-berkeley-logo.svg
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6e68f30694f9337c17145e08cbdc96082f6b7f8e1a9de52a6f6b51039920994

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: yWsWXqJZaQYAO59HthvySi6Jc44C_q9s
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"ba41f25de688d0a80ce8e82879bdaf5f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: CQcT4tX09oLgJWDgSfKHDXecDd1zmwbLiOuhkBk9oeqO_r-FdIDD1w==

GET
H2 200 f3358286-rewards-incentives-person2_10jx0ox000000000000028.png
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 194 KB
195 KB 219ms
217ms Image
image/png 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/f3358286-rewards-incentives-person2_10jx0ox000000000000028.png
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecd77982ec937fa5684c00a4cee5149c41d993eea85682c05d0d838b3875874f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: 9GLNgu5wUFBiXDU7JBKIcfZsy_xitHUn
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "31c3dba22893eb4c3532a74adc477526"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 198763
x-amz-cf-id: 6aAEJ8O4yamzraLt7eNAvNKyAVPBHzr0bDeaeLeEDFHOkzyb2dfvUA==

GET
H2 200 5aaa8672-cards_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 25 KB
25 KB 164ms
162ms Image
image/png 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/5aaa8672-cards_1000000000000000000028.png
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b49d4247b11ffc669fd7a1cf3f5578ab3c3404a0ebf6dc46a352379b6fea2691

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: I74mXkZLf3Xz1WjP3dWN6Mv6pKrbheFE
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "bc5247a47c10f9f1d088dce7c1141c38"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 25167
x-amz-cf-id: -0aSnwceQkjUJkIu9_a0HswKTkOpaewMKMpvvznepMnaYMBzb6ECew==

GET
H2 200 38c4a124-whitecheck-berkeley_100u00u000000000000028.png
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 504 B
915 B 149ms
148ms Image
image/png 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/38c4a124-whitecheck-berkeley_100u00u000000000000028.png
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6f8618537add23be7a55f42d91f7acc3b2d72df25accae865a5508821741fd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: xG4AiFZBYTbYeGWmPN1tGq_CYeMMUDXg
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "32629624fce069e663c789d2fcba1ad2"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 504
x-amz-cf-id: BhhqTlGoNvagin427nbMMV1KhV-_IxdMpnpYPKEtGDjN9u-DoaUpXw==

GET
H2 200 82cbf004-rewards-incentives-person_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 82 KB
83 KB 196ms
195ms Image
image/png 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/82cbf004-rewards-incentives-person_1000000000000000000028.png
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24cce780e7d3ef2c31cbbee342bda91c0123ae1e2827cc00a241eb1426b41c33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: BCCFWbfpQwRPCsPUgWxxpnSp8ZnucGqQ
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "357a82e33bbb37aed60542431df77029"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 84420
x-amz-cf-id: eESX2UCH7eyGSWYIckqa5dOsmzqujQcXxkFKZQoD4zB2v5cvSqXLxA==

GET
H2 200 d9b31836-622b0c3c5acf6e47a76264d8-checkmark-circle.svg
d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/ 1 KB
1 KB 130ms
129ms Image
image/svg+xml 18.164.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/rewards.berkeleypayment.com/d9b31836-622b0c3c5acf6e47a76264d8-checkmark-circle.svg
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-5.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 194dc6d9ded3792aa89165f83d14f7bd20fd6bd6a4ffc79b7adf1be8844a03ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
x-amz-version-id: PtPJ2jAcpvtuXldotRGuNgXHqktjRRxw
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 17:57:05 GMT
server: AmazonS3
via: 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"6267604252346c9cd0d80cb4e8c9e2bf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: isOUY-BB5bbinemB5RQzpzRyHm5GQAoPWaU4a34VLcEf6UhFGvghew==

GET
H2 200 sp-2.14.0.js Show response
d1wbjksx0xxdn3.cloudfront.net/ 98 KB
30 KB 92ms
86ms Script
application/javascript 2600:9000:21ea:2a00:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by: Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799044
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:2a00:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:23:46 GMT
content-encoding: gzip
via: 1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
x-amz-version-id: 0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop: EWR50-C1
age: 1386691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30399
last-modified: Mon, 26 Jun 2023 16:59:50 GMT
server: AmazonS3
etag: "73de733c308b8b5e44d2a6242dc4bd99"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MOZOD9nHr0RE4col09ABSyd06ym2ryyks9RdqlKr9UY04GaghJyB0A==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 427 KB
172 KB 212ms
61ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rewards.berkeleypayment.com/
Origin: https://rewards.berkeleypayment.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 16:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 16:57:32 GMT

GET
H/1.1 200 website Show response
salesiq.zoho.com/visitor/v2/channels/ 24 KB
11 KB 184ms
183ms XHR
application/json 204.141.43.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/visitor/v2/channels/website?widgetcode=ace229ab93b9d49f58f15556fe2cde54e1041c775df01fc1229a8659669825150ffdb29dd041d4b03e97e391fcbee248&internal_channel_req=true&language_api=true&browser_language=en&current_domain=https%3A%2F%2Frewards.berkeleypayment.com&pagetitle=&include_fields=avuid

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

6521f5b44b0f683d19f97028d5073b9d9fc38cc852eeb43b1eec5b7e0f42f6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 18:35:16 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1
Server: ZGS
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://rewards.berkeleypayment.com
Content-Language: en-US
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Encoding: UTF-8
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel

GET
H2 200 /
www.google.com/pagead/1p-user-list/11061259981/ 42 B
327 B 94ms
93ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11061259981/?random=1689186916059&cv=11&fst=1689184800000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Frewards.berkeleypayment.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2124711389&rmt_tld=0&ipr=y

Requested by

Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 18:35:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/11061259981/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11061259981/?random=2041033257&cv=11&fst=1689186916143&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fre...
https://www.google.com/pagead/1p-conversion/11061259981/?random=2041033257&cv=11&fst=1689186916143&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Frewards.berkeleypayment...

42 B
64 B

90ms
89ms

Image
image/gif

2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/11061259981/?random=2041033257&cv=11&fst=1689186916143&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Frewards.berkeleypayment.com%2F&label=o8uiCLrShpoYEM3dtZop&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1041151544.1689186916&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI4RHZRUFY2cHNIZ01YTnRuRFVPX01aR1N1SGZ6cWVyYU9pRlYxak5rQU04MncaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjJ4WkpFbVQybERYR01lSmd5U2ptNTg3NUJVUDVuOHR0LVlTVU5pa0ZKZ2ZXTGJ0RXdicE9EblEiEwiB7e7Q54mAAxUxDmgIHW6UAac&is_vtc=1&ocp_id=ZPKuZIGrFbGcoPMP7qiGuAo&cid=CAQSKQBpAlJW6i_qnbstEOOrsLrwvt244emL_iM8vNhBEXRoPvrjQtClQTXV&random=112598494

Requested by

Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/

Protocol

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 18:35:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Jul 2023 18:35:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/11061259981/?random=2041033257&cv=11&fst=1689186916143&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Frewards.berkeleypayment.com%2F&label=o8uiCLrShpoYEM3dtZop&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1041151544.1689186916&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI4RHZRUFY2cHNIZ01YTnRuRFVPX01aR1N1SGZ6cWVyYU9pRlYxak5rQU04MncaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjJ4WkpFbVQybERYR01lSmd5U2ptNTg3NUJVUDVuOHR0LVlTVU5pa0ZKZ2ZXTGJ0RXdicE9EblEiEwiB7e7Q54mAAxUxDmgIHW6UAac&is_vtc=1&ocp_id=ZPKuZIGrFbGcoPMP7qiGuAo&cid=CAQSKQBpAlJW6i_qnbstEOOrsLrwvt244emL_iM8vNhBEXRoPvrjQtClQTXV&random=112598494
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 227ms
61ms Image
image/gif 34.198.74.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1689186916573&e=pv&url=https%3A%2F%2Frewards.berkeleypayment.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=72baba1c-c866-47ba-90ba-a8170a4633bb&dtm=1689186916568&vp=1600x1200&ds=1743x3279&vid=1&sid=248926ac-7b6a-4fcb-a1de-b281c6be3777&duid=07215947-11ad-4d1b-bc8d-01a0a54b813a&uid=5760f293-0e9b-4409-b60c-2aae58de740d&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYjZlMTc4ZmQtZWYwZC00OTQ1LWFmZWUtNGViZWM2YjViZWZhIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: rewards.berkeleypayment.com
URL: https://rewards.berkeleypayment.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.74.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-74-222.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:16 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.ub-assets.com/fonts/s/montserrat/v25/ 30 KB
31 KB 197ms
70ms Font
font/woff2 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:600,500,700%7CPT+Serif:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Montserrat:600,500,700%7CPT+Serif:regular
Origin: https://rewards.berkeleypayment.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 14 May 2023 10:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 30928
via: 1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 5127732
x-amzn-requestid: 4a8becc6-f52b-48fc-abb6-03959cd23a8e
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: E6EXmHnhIAMFVMg=
content-length: 30956
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6460b430-2886e498022b129714af22b0
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ErkBKktE-Nrj1HQ1f2wuR8cmqx1GM1gwNnWzaGrqcuwe2vf6bKIfpA==

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.ub-assets.com/fonts/s/ptserif/v18/ 32 KB
33 KB 253ms
127ms Font
font/woff2 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:600,500,700%7CPT+Serif:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Montserrat:600,500,700%7CPT+Serif:regular
Origin: https://rewards.berkeleypayment.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 33116
via: 1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 811458
x-amzn-requestid: f2f65f94-8300-41a0-9fda-26cf5ee6a3dd
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: HeuJYE5ZoAMFpfw=
content-length: 33149
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-64a290a2-5c35d6a37acdc7714a4d7611
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wGHskJW_oJI-zhRw8vUJ3osCrU5K2Wivuzf-7Tnvg_Soqe_NKQjtSg==

GET
H2 200 floatbutton1_0f387f7425cc64827815069aef1e8961_.css
css.zohocdn.com/salesiq/styles/ 56 KB
13 KB 228ms
67ms Stylesheet
text/css 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/floatbutton1_0f387f7425cc64827815069aef1e8961_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

ce181f909840c9cf123389adf8e3d191c5b9fb74a14aebb4fae633a6ea661b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13141
x-xss-protection: 1
last-modified: Tue, 27 Jun 2023 05:05:47 GMT
server: ZGS
nb-request-id: db5888eb8380ab3dc282316d33bf9371
etag: "44ea1805f313c9a04fd8a80ab2629120"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-231ad5ec59d04849bb8bea05f3fab325
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 floatbutton1_2b05ea670f5e348179e73dcc94209873_.js Show response
js.zohocdn.com/salesiq/js/ 39 KB
14 KB 236ms
71ms Script
application/javascript 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/floatbutton1_2b05ea670f5e348179e73dcc94209873_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

6e0db66cbb5a1db384c10879c825697b004914329aad918a8d11cccd0f669c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13716
x-xss-protection: 1
last-modified: Wed, 12 Jul 2023 06:55:00 GMT
server: ZGS
nb-request-id: 9dd18c0ad6cf23d9f09a48c65347e32b
etag: "6b4119bec5168e29f057e3a3a1ee0519"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-2783fbd1dd4049f2a74675335cd98a54
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BF0D 7 KB
1 KB 121ms
101ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh7QIlAAAAAHyfZuGskLZUZ8wdOuALqWn1ojW9&co=aHR0cHM6Ly9yZXdhcmRzLmJlcmtlbGV5cGF5bWVudC5jb206NDQz&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=o0hb34pgzezs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b1ab4783659d7a15e270b132cbcbec8fe9ecf65d9054f501123da34311a5eda

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iK1woJ6uF5Yydz7kCO_ULw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rewards.berkeleypayment.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1082
content-security-policy: script-src 'report-sample' 'nonce-iK1woJ6uF5Yydz7kCO_ULw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 18:35:17 GMT
expires: Wed, 12 Jul 2023 18:35:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame BF0D 55 KB
24 KB 191ms
61ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldh7QIlAAAAAHyfZuGskLZUZ8wdOuALqWn1ojW9&co=aHR0cHM6Ly9yZXdhcmRzLmJlcmtlbGV5cGF5bWVudC5jb206NDQz&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=o0hb34pgzezs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 19:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 19:05:47 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame BF0D 427 KB
172 KB 224ms
95ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 16:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 16:57:32 GMT

GET
H2 200 float_8be4374c3228dfc95e54d8ea8096342a_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 1 KB
1 KB 209ms
72ms Font
font/ttf 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/float/float_8be4374c3228dfc95e54d8ea8096342a_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/floatbutton1_0f387f7425cc64827815069aef1e8961_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

5a97624cffe3f1b21127be4b588587d68f520fbe80aae2bb3acbdde17c0ea141

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/floatbutton1_0f387f7425cc64827815069aef1e8961_.css
Origin: https://rewards.berkeleypayment.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000, max-age=63072000
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin, cross-origin
content-length: 906
x-xss-protection: 1
last-modified: Wed, 09 Nov 2022 10:49:26 GMT
server: ZGS
nb-request-id: 16a86a3edeb342aeabc90311962f2939
etag: "4c5578b6975e326c3bfea8954ffaa2d4"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ux4-5886f9d730de46b9bf6d39f1817d6c0b
accept-ranges: bytes
timing-allow-origin: *, *

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BF0D 2 KB
2 KB 72ms
71ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:27:06 GMT
x-content-type-options: nosniff
age: 374891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 15 Jul 2023 10:27:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF0D 15 KB
16 KB 208ms
63ms Font
font/woff2 2607:f8b0:4006:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 16:14:59 GMT
x-content-type-options: nosniff
age: 354018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 16:14:59 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 9015
Redirect Chain

https://insight.adsrvr.org/track/up?adv=zhm4xnd&ref=https%3A%2F%2Frewards.berkeleypayment.com%2F&upid=iwwygfj&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=zhm4xnd&ref=https%3A%2F%2Frewards.berkeleypayment.com%2F&upid=iwwygfj&upv=1.1.0

838 B
1 KB

65ms
60ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=zhm4xnd&ref=https%3A%2F%2Frewards.berkeleypayment.com%2F&upid=iwwygfj&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: bebfc460ddfaa991496c02a9f0464d3b0542d95e7345df674bee317298d0b8a2

Request headers

Referer: https://rewards.berkeleypayment.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 12 Jul 2023 18:35:18 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 12 Jul 2023 18:35:18 GMT
location: https://match.adsrvr.org/track/upb/?adv=zhm4xnd&ref=https%3A%2F%2Frewards.berkeleypayment.com%2F&upid=iwwygfj&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 9015 487 B
987 B 60ms
59ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=zhm4xnd&ref=https%3A%2F%2Frewards.berkeleypayment.com%2F&upid=iwwygfj&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 20:59:40 GMT
Via: 1.1 061a00fb73c7b9b18dbae9db08e7a852.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 77739
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: MKQ5sWv8rJGtYD6pbCOppKv3s72xqlWbv0otWl0N8CfV-84ABHRJ0w==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame A977
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ba04b343-cbae-4492-a920-95e5254060dc
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ba04b343-cbae-4492-a920-95e5254060dc

0
0

374ms
59ms

Document
text/plain

34.200.5.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ba04b343-cbae-4492-a920-95e5254060dc
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.5.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-5-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store
date: Wed, 12 Jul 2023 18:35:19 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time: D=31 t=1689186919
x-served-by: beacon-n014-ash-prod.krxd.net

Redirect headers

content-length: 0
date: Wed, 12 Jul 2023 18:35:18 GMT
location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ba04b343-cbae-4492-a920-95e5254060dc
x-age: 0
x-cache: MISS
x-cache-hits: 0
x-served-by: usermatch-a015-ash-prod.krxd.net

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 3CFC
Redirect Chain

https://dpm.demdex.net/ibs:dpid=903&dpuuid=ba04b343-cbae-4492-a920-95e5254060dc&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=ba04b343-cbae-4492-a920-95e5254060dc&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

70 B
570 B

58ms
57ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 12 Jul 2023 18:35:19 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
DCS: dcs-prod-va6-1-v049-0c4538ad7.edge-va6.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 130NOTO1Qdw=

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame C099
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=ba04b343-cbae-4492-a920-95e5254060dc&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ba04b343-cbae-4492-a920-95e5254060dc&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mXPDfYxE2uLf.znAcxvVLtFN5hxT9vc-~A&gdpr=0

70 B
570 B

67ms
67ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mXPDfYxE2uLf.znAcxvVLtFN5hxT9vc-~A&gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 12 Jul 2023 18:35:19 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Wed, 12 Jul 2023 18:35:18 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-mXPDfYxE2uLf.znAcxvVLtFN5hxT9vc-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.57
strict-transport-security: max-age=31536000

GET
H2 200 floatbuttonpostload_0ecf950aecfaf2a7278d824d307c9e54_.css
css.zohocdn.com/salesiq/styles/ 35 KB
8 KB 121ms
120ms Stylesheet
text/css 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/floatbuttonpostload_0ecf950aecfaf2a7278d824d307c9e54_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton1_2b05ea670f5e348179e73dcc94209873_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

206b0c0ba1edd2c3eb7b999ff67a6da00046bce1ba3c8078d6acf86a5d29bec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7788
x-xss-protection: 1
last-modified: Mon, 27 Mar 2023 14:24:11 GMT
server: ZGS
nb-request-id: e87293bc1e66dc3ac0e02f64a3fe8cb1
etag: "8e85c72d2788b1a90264c864fc5eec79"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-6e26530fb5b94a9292e002f33195a00f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 newembedtheme_b181c7e2367cfe4e97de8b09c18b910a_.css
css.zohocdn.com/salesiq/styles/ Frame 84CA 233 KB
53 KB 89ms
89ms Stylesheet
text/css 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/newembedtheme_b181c7e2367cfe4e97de8b09c18b910a_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton1_2b05ea670f5e348179e73dcc94209873_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

df802c1599a53e54aa43be2f4c167c7d02e7adcaa522f2be53d92612cbd46977

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 53344
x-xss-protection: 1
last-modified: Tue, 27 Jun 2023 05:05:57 GMT
server: ZGS
nb-request-id: a61324b1e8e17af5a29058cf03402314
etag: "9e757ec6441cd8b30641d48a12ec9995"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-fb24776856494a3586e7e53609527df1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Jul_11_2023_6702723_wmsliteapi.js Show response
js.zohocdn.com/ichat/js/ Frame 84CA 23 KB
9 KB 88ms
86ms Script
application/javascript 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/Jul_11_2023_6702723_wmsliteapi.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton1_2b05ea670f5e348179e73dcc94209873_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

cba1cddef35e874d98bc4fd197851a731f71a09959573ec438a70a478274c88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8244
x-xss-protection: 1
last-modified: Tue, 11 Jul 2023 13:30:35 GMT
server: ZGS
nb-request-id: efbe5e39b2186b86b5163573e1147da6
etag: "0187e2313943429eee5ece966cd8ad36"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-e734939d99f4426c8565c7235d3c1c8c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 siqnewchatwindow_5c39a0d27a99f0029ac39e6531d967bb_.js Show response
js.zohocdn.com/salesiq/js/ Frame 84CA 1 MB
331 KB 89ms
87ms Script
application/javascript 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/siqnewchatwindow_5c39a0d27a99f0029ac39e6531d967bb_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton1_2b05ea670f5e348179e73dcc94209873_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

1ed6d36c6306ee49285307a15249a8a43e2b5121a7ea8451acd19c856e144e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 337789
x-xss-protection: 1
last-modified: Wed, 12 Jul 2023 06:55:00 GMT
server: ZGS
nb-request-id: 1e0471cb12e1fe02d20b9f61012ab536
etag: "639fc9dbe527405d01446ebc48674aa1"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-0510d92725dd4649b79a409801b443a3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 resource_844f219e79ebafd70e70b56f8169effe_.js Show response
js.zohocdn.com/salesiq/js/resource/embed/ Frame 84CA 48 KB
15 KB 294ms
293ms Script
application/javascript 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/resource/embed/resource_844f219e79ebafd70e70b56f8169effe_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton1_2b05ea670f5e348179e73dcc94209873_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

7c2940ddf0b04bf979fa2186b8d5bcbb912ec3da7b89411f90267c2a44e41470

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14851
x-xss-protection: 1
last-modified: Mon, 03 Jul 2023 09:40:12 GMT
server: ZGS
nb-request-id: 1886f825eac4b86bfc98e6e2e73e442a
etag: "18f147b50edc2d001064ab3f3f3382bf"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-7c35a3874728491e8f1db35b575abb2c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 siq_df7a33e7f9075cf8e624bd35984c7262_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 12 KB
9 KB 71ms
70ms Font
font/ttf 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/float/siq_df7a33e7f9075cf8e624bd35984c7262_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/floatbuttonpostload_0ecf950aecfaf2a7278d824d307c9e54_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

b272e48a2f4a0163b3acba3b5db3324c07a4519197287dc63d70dd870a2a8119

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/floatbuttonpostload_0ecf950aecfaf2a7278d824d307c9e54_.css
Origin: https://rewards.berkeleypayment.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000, max-age=63072000
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin, cross-origin
content-length: 8214
x-xss-protection: 1
last-modified: Tue, 01 Mar 2022 17:15:35 GMT
server: ZGS
nb-request-id: 39d07ef7b27cdf3ee630e303eca46038
etag: "7d0cf6743b92dec00144647c374f0639"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ux4-87782e2fe10740458de608a38219feec
accept-ranges: bytes
timing-allow-origin: *, *

GET
H2 200 9a69dab4_wmsbridge.js Show response
js.zohocdn.com/ichat/js/ Frame 84CA 15 KB
5 KB 137ms
130ms Script
application/javascript 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/9a69dab4_wmsbridge.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/ichat/js/Jul_11_2023_6702723_wmsliteapi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

3f02ee19f1c00f25106b201983b8c6347b0856bb45562a78b541b470d9bb7936

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4527
x-xss-protection: 1
last-modified: Tue, 27 Jun 2023 12:59:56 GMT
server: ZGS
nb-request-id: 194bd2896fda8990456b9576462b78cc
etag: "06666019473c7f6de2ce866961bd9e9a"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-9bc17b3ae5fd4023a4aacb5728633104
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 fetchvisitorconfigurations.ls Show response
salesiq.zohopublic.com/berkelypayment/ Frame 84CA 770 B
1 KB 383ms
116ms XHR
application/json 136.143.190.97

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zohopublic.com/berkelypayment/fetchvisitorconfigurations.ls?avuid=2268e8e8-668f-4122-a04b-a47d319bb7f6&lsid=432177000000002043&visitor_question=undefined&fetchallfields=true&app_status=online

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_5c39a0d27a99f0029ac39e6531d967bb_.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.97 -, , ASN (),

Reverse DNS

Software

ZGS /

Resource Hash

ac0535e90ce31c37de54734d15a3c6d7e768dff4a696b5e3b683730c947396df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://rewards.berkeleypayment.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 18:35:28 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Server: ZGS
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 770
X-XSS-Protection: 1

GET
H2 200 security-html-sanitizer.min.js Show response
js.zohocdn.com/zohosecurity/v5_0/js/ Frame 84CA 27 KB
11 KB 68ms
67ms Script
application/javascript 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/zohosecurity/v5_0/js/security-html-sanitizer.min.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_5c39a0d27a99f0029ac39e6531d967bb_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

19d49f275aed32056d7a54248db3559c219f86541563090788f8a9812a0b9bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000, max-age=63072000
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin, cross-origin
content-length: 10688
x-xss-protection: 1
last-modified: Thu, 26 Aug 2021 06:14:10 GMT
server: ZGS
nb-request-id: f26eaf8b166c6f1c18c05d51f8b52b46
etag: "16e09f706d00343e3265b1dd7a230dd5"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ux4-3adcc7594dbc4ed89c28485a4d244a9e
accept-ranges: bytes
timing-allow-origin: *, *

GET
H2 200 security-url-validator.min.js Show response
js.zohocdn.com/zohosecurity/v5_0/js/ Frame 84CA 5 KB
3 KB 136ms
135ms Script
application/javascript 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/zohosecurity/v5_0/js/security-url-validator.min.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_5c39a0d27a99f0029ac39e6531d967bb_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

00c9b79025fc8e5f70090b7e6fb91bf1d468e9daaffb1c5700105e37b572f685

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000, max-age=63072000
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin, cross-origin
content-length: 2641
x-xss-protection: 1
last-modified: Thu, 26 Aug 2021 06:14:10 GMT
server: ZGS
nb-request-id: f2f35b0f61928a76ac9d8eba4aa9bcfb
etag: "3904d1666958afd66ede81e6a18aba4b"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ux4-b6543cc20c1741ec85fe2c63269989fd
accept-ranges: bytes
timing-allow-origin: *, *

GET
H2 200 siq_126d03bdd2b5b096575c5888e0c456c2_.ttf
css.zohocdn.com/salesiq/styles/fonts/cw/ Frame 84CA 34 KB
21 KB 87ms
86ms Font
font/ttf 199.67.85.76
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/cw/siq_126d03bdd2b5b096575c5888e0c456c2_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/newembedtheme_b181c7e2367cfe4e97de8b09c18b910a_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.67.85.76 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

2f91199e5e8c4600f10c540b7d9db7552abbca403ac6b8c16a5760e3f4fb6463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/newembedtheme_b181c7e2367cfe4e97de8b09c18b910a_.css
Origin: https://rewards.berkeleypayment.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 20853
x-xss-protection: 1
last-modified: Fri, 13 Jan 2023 12:51:48 GMT
server: ZGS
nb-request-id: 9ae2a8516782eaa7805895e1c4eb3205
etag: "3ccbb36bf5fe6c13d2d835413a0247fd"
vary: Accept-Encoding
content-type: font/ttf
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ca1-d57ed258d35045568c208fb37b8988e6
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 photo.ls
salesiq.zohopublic.com/berkelypayment/clogo/0_682116402/ Frame 84CA 5 KB
6 KB 335ms
124ms Image
image/png 136.143.190.97

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salesiq.zohopublic.com/berkelypayment/clogo/0_682116402/photo.ls?nps=202

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.97 -, , ASN (),

Reverse DNS

Software

ZGS /

Resource Hash

77b013a7ee87dcb68a1b4b247f608afc6092b5641c0e8028e6b99ebb52535083

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rewards.berkeleypayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
Date: Wed, 12 Jul 2023 18:35:28 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Last-Modified: Mon, 14 Jan 2019 21:42:03 GMT
Server: ZGS
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: image/png;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public
Connection: keep-alive
X-XSS-Protection: 1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rewards.berkeleypayment.com/	1970-01-20 17:32:18	Name: ubvs Value: 5760f293-0e9b-4409-b60c-2aae58de740d
.berkeleypayment.com/	1970-01-20 13:17:26	Name: ubvt Value: v2%7C5760f293-0e9b-4409-b60c-2aae58de740d%7Cb6e178fd-ef0d-4945-afee-4ebec6b5befa%3Aa%3Asingle
rewards.berkeleypayment.com/	1970-01-20 17:38:04	Name: ubpv Value: a%2Cb6e178fd-ef0d-4945-afee-4ebec6b5befa
.berkeleypayment.com/	1970-01-20 15:22:42	Name: _gcl_au Value: 1.1.1041151544.1689186916
salesiq.zoho.com/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: 725d1cf6-25f5-44a0-bb48-13928367a178
salesiq.zoho.com/	1970-01-20 13:56:18	Name: uesign Value: 89a73511616941195f63998b164ee2fa66103a99b87a88d6fb856a58658c7a32e8db8191ec8c75161ffaddd8a84a8e1c
.doubleclick.net/	1970-01-20 22:49:06	Name: IDE Value: AHWqTUnXDXx1DmlvURXTSk4DZ8LVeo4ok2bN78mtKpuoKiL2ydf7INW4d1rf1LFy
.rewards.berkeleypayment.com/	1970-01-20 22:49:06	Name: berkelypayment-_zldp Value: NUmJkQ6n0AMY0lUw85RLzxr1AFqWy0dqyd753KMQ1JxV%2BtlPUJOKBTex9Vg6XdqpodoRkLyJC2Y%3D
.rewards.berkeleypayment.com/	1970-01-20 13:14:33	Name: berkelypayment-_zldt Value: a74e1d68-ad96-45f4-8795-85b2bd8ef0bb-1
.adsrvr.org/	1970-01-20 22:00:09	Name: TDID Value: ba04b343-cbae-4492-a920-95e5254060dc
.yahoo.com/	1970-01-20 21:59:04	Name: A3 Value: d=AQABBGbyrmQCEI3QKQhnGDqMXEaQkMSwatEFEgEBAQFDsGS4ZNxH0iMA_eMAAA&S=AQAAAn5JA0rNlCPPWCHAG1pvXeM
.demdex.net/	1970-01-20 17:32:18	Name: demdex Value: 31297009104188377100425743729080226989
.analytics.yahoo.com/	1970-01-20 21:58:42	Name: IDSYNC Value: 1769~2cqi
.dpm.demdex.net/	1970-01-20 17:32:18	Name: dpm Value: 31297009104188377100425743729080226989
.adsrvr.org/	1970-01-20 22:00:09	Name: TDCPM Value: CAESEwoEa3J1eBILCPqIiOaYxIE8EAUSEgoDYWFtEgsI-oiI5pjEgTwQBRIZCgpyaWdodG1lZGlhEgsI-oiI5pjEgTwQBRgFIAEoAzILCPqAi5OvxIE8EAU4AUIEIgIIAVoHemhtNHhuZGAB
.krxd.net/	1970-01-20 17:32:18	Name: _kuid_ Value: Pq5iJnbq

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://rewards.berkeleypayment.com/ Message: The resource https://js.zohocdn.com/ichat/js/9a69dab4_wmsbridge.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
builder-assets.unbounce.com
connect.facebook.net
css.zohocdn.com
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dpm.demdex.net
events.ub-analytics.com
fonts.gstatic.com
fonts.ub-assets.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
js.zohocdn.com
match.adsrvr.org
rewards.berkeleypayment.com
salesiq.zoho.com
salesiq.zohopublic.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
108.139.29.53
136.143.190.97
142.250.176.194
143.204.138.162
18.164.115.5
18.164.96.103
18.235.124.248
199.67.85.76
204.141.43.67
2600:9000:21ea:2a00:b:3165:13c0:21
2607:f8b0:4006:806::2003
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2008
2a03:2880:f003:c0e:face:b00c:0:3
34.198.74.222
34.200.5.231
34.200.65.202
34.205.248.193
52.223.40.198
52.4.172.57
00c9b79025fc8e5f70090b7e6fb91bf1d468e9daaffb1c5700105e37b572f685
194dc6d9ded3792aa89165f83d14f7bd20fd6bd6a4ffc79b7adf1be8844a03ca
19d49f275aed32056d7a54248db3559c219f86541563090788f8a9812a0b9bdf
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c5f2fc4a7d1ddd45d3f965b175b70973260f079bbe0fbc6eb5feee59d41a70e
1ed6d36c6306ee49285307a15249a8a43e2b5121a7ea8451acd19c856e144e03
206b0c0ba1edd2c3eb7b999ff67a6da00046bce1ba3c8078d6acf86a5d29bec9
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
24cce780e7d3ef2c31cbbee342bda91c0123ae1e2827cc00a241eb1426b41c33
285eceeca0df23d7ee358c167a539b4e760e85a3fcea43728a2dabfd00f24f4e
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2e9b5e6223527bd808a0627d1fd1681dd3f8ec921b5070b5f21ede83aba0be1b
2f91199e5e8c4600f10c540b7d9db7552abbca403ac6b8c16a5760e3f4fb6463
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f02ee19f1c00f25106b201983b8c6347b0856bb45562a78b541b470d9bb7936
3feae90155fd239d50449a9477041be2b880896f0dca90d5e08067acc6ee81a1
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
4b1ab4783659d7a15e270b132cbcbec8fe9ecf65d9054f501123da34311a5eda
4ec0d5bd03ceae0a1c586f333f708b97dfc702f1ea62bc5521c30a723596aec6
5a97624cffe3f1b21127be4b588587d68f520fbe80aae2bb3acbdde17c0ea141
6521f5b44b0f683d19f97028d5073b9d9fc38cc852eeb43b1eec5b7e0f42f6cf
6e0db66cbb5a1db384c10879c825697b004914329aad918a8d11cccd0f669c5e
77b013a7ee87dcb68a1b4b247f608afc6092b5641c0e8028e6b99ebb52535083
798cb9ab4d524eefcc1fff198c5e9736c690fe5b2704af123005e4ab508e4196
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c2940ddf0b04bf979fa2186b8d5bcbb912ec3da7b89411f90267c2a44e41470
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9b146c60afa4a7418559068ef27da10cd255834a3e3fa8c0c6dea008cc2371c6
a12d6eca0b2ff544f0a77bb951ee35d7719ce9858629e3d89d6209979f41a4eb
ac0535e90ce31c37de54734d15a3c6d7e768dff4a696b5e3b683730c947396df
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b272e48a2f4a0163b3acba3b5db3324c07a4519197287dc63d70dd870a2a8119
b49d4247b11ffc669fd7a1cf3f5578ab3c3404a0ebf6dc46a352379b6fea2691
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
bebfc460ddfaa991496c02a9f0464d3b0542d95e7345df674bee317298d0b8a2
c6e68f30694f9337c17145e08cbdc96082f6b7f8e1a9de52a6f6b51039920994
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cba1cddef35e874d98bc4fd197851a731f71a09959573ec438a70a478274c88f
ce181f909840c9cf123389adf8e3d191c5b9fb74a14aebb4fae633a6ea661b60
d6f8618537add23be7a55f42d91f7acc3b2d72df25accae865a5508821741fd2
df802c1599a53e54aa43be2f4c167c7d02e7adcaa522f2be53d92612cbd46977
e14853c9a18b8e2264fcd908f9a410515b063a36bc6e18e7c9c4f0ff4ee961a0
e6e900c7904ac31a981f9ee11b308425bcd61450288e5e20cbfff5d2695e8a60
ecd77982ec937fa5684c00a4cee5149c41d993eea85682c05d0d838b3875874f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd6b6c981727d003c8651853ac516451bf858909773e77181616e23af6502ef
f288fe4f563483fea1755a8a8211cb463efe0a3d4cfba3abd205bd0fc5bd2226
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
fbeba5c39f4c8dbb9b9a0180608697113a979b02d1b85af9ab8285f038f3e47a

rewards.berkeleypayment.com Open in urlscan Pro 34.205.248.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

97 %HTTPS

32 %IPv6

18 Domains

24 Subdomains

20 IPs

1 Countries

1636 kBTransfer

4115 kBSize

16 Cookies

0 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rewards.berkeleypayment.com Open in urlscan Pro
34.205.248.193 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

97 %
HTTPS

32 %
IPv6

18
Domains

24
Subdomains

20
IPs

1
Countries

1636 kB
Transfer

4115 kB
Size

16
Cookies

58 HTTP transactions
1 data transactions