urlscan.io logo urlscan.io
SecurityTrails logo

www.therewardhub.com Open in urlscan Pro
104.16.177.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://support.intercom-mail.eu/ntfy/Bgd73dVxMNsDyBtdQwzVn29l4-zC46e6
Effective URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQ...
Submission: On December 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 53 HTTP transactions. The main IP is 104.16.177.36, located in and belongs to CLOUDFLARENET, US. The main domain is www.therewardhub.com. The Cisco Umbrella rank of the primary domain is 262682.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 10th 2023. Valid for: a year.
This is the only time www.therewardhub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:207... 16509 (AMAZON-02)
21 104.16.177.36 13335 (CLOUDFLAR...)
4 104.16.176.36 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.98.128 16509 (AMAZON-02)
7 18.66.147.43 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
7 54.76.250.250 16509 (AMAZON-02)
3 18.155.153.82 16509 (AMAZON-02)
53 9
1    2600:9000:2070:f600:8:da46:f080:93a1 (United States)

ASN16509 (AMAZON-02, US)
support.intercom-mail.eu
21    104.16.177.36 (None, )

ASN13335 (CLOUDFLARENET, US)
www.therewardhub.com
4    104.16.176.36 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.therewardhub.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    143.204.98.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-128.fra50.r.cloudfront.net
widget.intercom.io
7    18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net
js.intercomcdn.com
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
7    54.76.250.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-250-250.eu-west-1.compute.amazonaws.com
api-iam.eu.intercom.io
3    18.155.153.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-82.ham50.r.cloudfront.net
static.intercomassets.eu
Apex Domain
Subdomains		 Transfer
25 therewardhub.com
www.therewardhub.com — Cisco Umbrella Rank: 262682
cdn.therewardhub.com — Cisco Umbrella Rank: 353657
2 MB
8 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1721
api-iam.eu.intercom.io — Cisco Umbrella Rank: 45805
18 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 324
130 KB
7 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2136
660 KB
3 intercomassets.eu
static.intercomassets.eu — Cisco Umbrella Rank: 165617
19 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 548
303 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
76 KB
1 intercom-mail.eu
support.intercom-mail.eu
4 KB
53 8
Domain Requested by
21 www.therewardhub.com www.therewardhub.com
8 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
7 api-iam.eu.intercom.io js.intercomcdn.com
7 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
4 cdn.therewardhub.com www.therewardhub.com
cdn.therewardhub.com
3 static.intercomassets.eu js.intercomcdn.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 widget.intercom.io www.therewardhub.com
1 www.googletagmanager.com www.therewardhub.com
1 support.intercom-mail.eu 1 redirects
53 10

This site contains links to these domains. Also see Links.

Domain
www.ico.org.uk
cookiepedia.co.uk
www.onetrust.com
Subject Issuer Validity Valid
therewardhub.com
Cloudflare Inc ECC CA-3		 2023-01-10 -
2024-01-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-04 -
2024-05-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.eu.intercom.io
Amazon RSA 2048 M01		 2023-05-10 -
2024-06-07		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Frame ID: CE9B9F627BDF2525D444FC34A0361A2B
Requests: 36 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.2b58570a.js
Frame ID: C5529D76B4541CB7FF115A6C44A9D53E
Requests: 15 HTTP requests in this frame

Frame: https://static.intercomassets.eu/avatars/50018882/square_128/iStock_4-1699954004.jpeg
Frame ID: E12565D01B2CBE5EC52BFAA0591EED96
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Single Sign On FailedBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://support.intercom-mail.eu/ntfy/Bgd73dVxMNsDyBtdQwzVn29l4-zC46e6 HTTP 307
    https://support.intercom-mail.eu/ntfy/Bgd73dVxMNsDyBtdQwzVn29l4-zC46e6 HTTP 302
    https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dva... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

40 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

2704 kB
Transfer

5939 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://support.intercom-mail.eu/ntfy/Bgd73dVxMNsDyBtdQwzVn29l4-zC46e6 HTTP 307
    https://support.intercom-mail.eu/ntfy/Bgd73dVxMNsDyBtdQwzVn29l4-zC46e6 HTTP 302
    https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request HttpPost
www.therewardhub.com/cnahardy/open/sso/saml2/
Redirect Chain
  • http://support.intercom-mail.eu/ntfy/Bgd73dVxMNsDyBtdQwzVn29l4-zC46e6
  • https://support.intercom-mail.eu/ntfy/Bgd73dVxMNsDyBtdQwzVn29l4-zC46e6
  • https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoV...
7 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b94faffa1d90bd953c7e782dfbba8be4e5c9e2c04d94c9e49d9109687aa61d26
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
82eac152f9257188-FRA
Cache-Control
private, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Dec 2023 10:47:59 GMT
Expires
Fri, 01 Dec 2023 10:47:59 GMT
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
Referrer-Policy
strict-origin-when-cross-origin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 google
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge,chrome=1
X-Xss-Protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self'; base-uri 'self'; child-src 'self' docs.google.com fast.wistia.net fast.wistia.com js.stripe.com hooks.stripe.com platform.twitter.com player.vimeo.com staticxx.facebook.com www.facebook.com web.facebook.com www.loom.com play.vidyard.com web.microsoftstream.com share.synthesia.io embed.app.guidde.com share.descript.com www.youtube.com www.youtube-nocookie.com content.jwplatform.com players.brightcove.net intercom-sheets.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com gtm.intercom-marketing.com intercominc.typeform.com www.intercom-reporting.com insight.adsrvr.org apisandbox.zuora.com zuora.com www.zuora.com *.my.connect.aws www.recaptcha.net intercom.help intercom-help.eu au.intercom.help sharepoint.com *.sharepoint.com; connect-src 'self' app.intercom.com api-iam.intercom.io api-ping.intercom.io api-visitor-analytics.intercom.com nexus-websocket-a.intercom.io via.intercom.io wss://nexus-websocket-a.intercom.io nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io uploads.intercomcdn.com uploads.intercomcdn.eu uploads.au.intercomcdn.com static.intercomassets.com app.getsentry.com sentry.io api.stripe.com meet.intercom.com meet.eu.intercom.com meet.au.intercom.com preview.intercom.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com static.intercomassets.eu app.eu.intercom.com api-iam.eu.intercom.io static.au.intercomassets.com api-iam.au.intercom.io api.au.intercom.io *.intercom-chat.com wss://*.nexus.intercom-chat.com *.messenger.intercom-chat.com graph.facebook.com *.twilio.com wss://*.twilio.com frontend-telemetry.intercom.io frontend-telemetry.eu.intercom.io frontend-telemetry.au.intercom.io user-presence.intercom.com; font-src data: https:; frame-src 'self' docs.google.com fast.wistia.net fast.wistia.com js.stripe.com hooks.stripe.com platform.twitter.com player.vimeo.com staticxx.facebook.com www.facebook.com web.facebook.com www.loom.com play.vidyard.com web.microsoftstream.com share.synthesia.io embed.app.guidde.com share.descript.com www.youtube.com www.youtube-nocookie.com content.jwplatform.com players.brightcove.net intercom-sheets.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com gtm.intercom-marketing.com intercominc.typeform.com www.intercom-reporting.com insight.adsrvr.org apisandbox.zuora.com zuora.com www.zuora.com *.my.connect.aws www.recaptcha.net intercom.help intercom-help.eu au.intercom.help sharepoint.com *.sharepoint.com; img-src data: blob: https:; media-src data: blob: https:; object-src 'none'; script-src 'self' js.intercomcdn.com static.intercomassets.com store.intercomassets.com billing-admin.intercomassets.com billing-internal.intercomcdn.com developer-home.intercomassets.com store.intercom.io widget.intercom.io api.tiles.mapbox.com connect.facebook.net js.stripe.com platform.twitter.com switchet.s3.amazonaws.com www.google-analytics.com munchkin.marketo.net app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com dp3rct5vic41c.cloudfront.net static.intercomassets.eu static.au.intercomassets.com static.zuora.com p.trellocdn.com www.recaptcha.net; style-src 'self' 'unsafe-inline' static.intercomassets.com billing-internal.intercomcdn.com developer-home.intercomassets.com static.intercomcdn.com marketing.intercomassets.com api.tiles.mapbox.com fonts.googleapis.com maxcdn.bootstrapcdn.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com fonts.intercomcdn.com static.intercomassets.eu static.au.intercomassets.com; report-uri https://app.getsentry.com/api/66205/csp-report/?sentry_key=0d13edc0ffce4b02bd7bc48d0b497300
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 10:47:58 GMT
location
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
server
nginx
status
302 Found
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 6ef6a480e6faf3876201c8f86486bbce.cloudfront.net (CloudFront)
x-ami-version
ami-0fb9a46d175694e58
x-amz-cf-id
BecWyDkRtYxPQZ5Jx1f8KBsOX5LqQebwRNCnuDdNXeYJC3K7ugb3Bw==
x-amz-cf-pop
HAM50-C3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-intercom-version
a07c3b34254e5e5598e3421a2ad5570555141338
x-request-id
0000jt4irkj61hqo4eg0
x-request-queueing
0
x-runtime
0.051778
x-xss-protection
1; mode=block
T4rzOLU8_WbO0eMr7EemezKDvp8.js
www.therewardhub.com/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cdn-cgi/apps/head/T4rzOLU8_WbO0eMr7EemezKDvp8.js
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2681036c94eb9b2db2f623222847aa6cda22bd98b1f7963aab982ab4eacbbecb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-version-id
zvk23.elhKipuwac16k.ai9Mm54mMdnm
CF-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
93PFXJ151JJSXSXV
Age
2698590
Connection
keep-alive
Content-Length
1659
x-amz-id-2
WQ9ZLdpS0kf0bMBDQyDGr7j1/ZUH6PJdow+DakIPdLhc9iJ4FsfSGnj/W49XIxRJpdh2jbc1X/E=
Last-Modified
Thu, 21 Jul 2022 13:35:21 GMT
Server
cloudflare
ETag
"1205c25221efa7ce7b06dd5e104856c7"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
82eac153a9987188-FRA
Expires
Sat, 30 Nov 2024 10:47:59 GMT
Master.min.css
www.therewardhub.com/cnahardy/Resources/Styles/Shared/ 		47 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/Master.min.css
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6477eaaf9e4a2b06c841a6866d989e0ddd448d2dfd5e3ad973076876355c76d4
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:53:06 GMT
Server
cloudflare
ETag
W/"0fdde9e31eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac153c87b9b9b-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
_SiteNavigation.min.css
www.therewardhub.com/cnahardy/Resources/Styles/Shared/ 		7 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/_SiteNavigation.min.css
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6de69e6af62408b59c3ce5d7456ce351de7b4d0f8365e2815cce1aa4a662a2
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:53:06 GMT
Server
cloudflare
ETag
W/"0fdde9e31eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac153cb7f65bb-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
ContentControls.min.css
www.therewardhub.com/cnahardy/Resources/Styles/Shared/ 		7 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/ContentControls.min.css
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d319b919ded7785c29f3be59f107e4eff0c8ac074922b105b2e0b724bde8d55c
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:53:06 GMT
Server
cloudflare
ETag
W/"0fdde9e31eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac153caf071d0-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
SsoFailed.min.css
www.therewardhub.com/cnahardy/Resources/Styles/Open/ 		2 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Resources/Styles/Open/SsoFailed.min.css
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ac9ded224fc980d4c5d880b3a8ac4cad4a782ca627c3dfd862621ff33e49d33
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:53:06 GMT
Server
cloudflare
ETag
W/"0fdde9e31eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac153ce6b1c32-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
client-branding.min.css
cdn.therewardhub.com/cnahardy/content/styles/shared/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.therewardhub.com/cnahardy/content/styles/shared/client-branding.min.css
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.176.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d39a81f1ee71b97b2e324621e49c3506d87ef3d9261861c81512ff826bb60a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
Content-Encoding
gzip
Transfer-Encoding
chunked
X-GUploader-UploadID
ABPtcPrnm0oemORQPqntci09a6_q_2p6Lp_CDSmLiog9eH7S-U39sVmgHZXyQ-Fsng9fB7fw5mU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Thu, 27 Apr 2023 06:06:16 GMT
Server
cloudflare
ETag
W/"c07e04212dbefe95a225ab83f80ad62e"
Vary
Accept-Encoding
x-goog-generation
1682575576592828
Content-Type
text/css
x-goog-hash
crc32c=eC5cSw==, md5=wH4EIS2+/pWiJauD+ArWLg==
Cache-Control
public, max-age=300
x-goog-stored-content-length
18197
CF-RAY
82eac153d8b3927d-FRA
Expires
Fri, 01 Dec 2023 10:52:59 GMT
vendor.js
www.therewardhub.com/cnahardy/Scripts/dist/ 		592 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Scripts/dist/vendor.js?bac2ac72aaa770f3b0f1
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0346057c1c61304771f4dd138dcc7e0ad4c6f7488fc0da1eb480b43057f775
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:54:42 GMT
Server
cloudflare
ETag
W/"06d17d831eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac153c9a47188-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
jquery.js
www.therewardhub.com/cnahardy/Scripts/dist/ 		303 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Scripts/dist/jquery.js?bac2ac72aaa770f3b0f1
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980916a35f525783b0f455667cd2ee3bbeaa065edf09bc6e5dada6813b2bf7d3
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:54:42 GMT
Server
cloudflare
ETag
W/"06d17d831eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac153ce066931-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
benefex.js
www.therewardhub.com/cnahardy/Scripts/dist/ 		146 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Scripts/dist/benefex.js?bac2ac72aaa770f3b0f1
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8cab927b0e2d903c08b61f930e84c9d8d999d11b7f23ce6ac7bde2b0882a2c
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:54:42 GMT
Server
cloudflare
ETag
W/"06d17d831eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac1541c0065bb-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
app.js
www.therewardhub.com/cnahardy/Scripts/dist/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Scripts/dist/app.js?bac2ac72aaa770f3b0f1
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee98489d4c12217afbf171860656a1cf4a8b1fa4af10a07d9bdaad334c64f2b9
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:54:42 GMT
Server
cloudflare
ETag
W/"06d17d831eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac15428e59b9b-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
SsoFailed.js
www.therewardhub.com/cnahardy/Resources/Scripts/Open/ 		742 B
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Resources/Scripts/Open/SsoFailed.js
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd58effb58ce4f21f85458651adc8871e96696ec766ba20be320d1489bb7d7f3
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:53:06 GMT
Server
cloudflare
ETag
W/"0fdde9e31eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac1542b6c71d0-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
dX5dyiwuIufz09l4DSPnKWgiLFk.js
www.therewardhub.com/cdn-cgi/apps/body/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cdn-cgi/apps/body/dX5dyiwuIufz09l4DSPnKWgiLFk.js
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cdn-cgi/apps/head/T4rzOLU8_WbO0eMr7EemezKDvp8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f4a23a5dff2db1a73424811f09672625c42a70e65726e92857b52cdf4131c53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-version-id
HPEXA5NzT7VnC_wP2HIAZNsQAkrtIjKG
CF-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
AJSG3AR1SEK31N50
Age
193086
Connection
keep-alive
Content-Length
1465
x-amz-id-2
dSBAc5ZPQNagsr+A+bb3JgKAvw8lQgjmOm1pCgTOlJQ8fR52tdlySUK0I5z9KtSob5UnyVZEGE8=
Last-Modified
Thu, 21 Jul 2022 13:35:20 GMT
Server
cloudflare
ETag
"2cc96ed6daa74d9159ed6ae3cb97200a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
82eac1542edc1c32-FRA
Expires
Sat, 30 Nov 2024 10:47:59 GMT
gtm.js
www.googletagmanager.com/ 		250 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJCVQFN
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cdn-cgi/apps/body/dX5dyiwuIufz09l4DSPnKWgiLFk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67f3eea9befc9fc2a7648ab004a0ed04876f7a91b0c2a9287f4b3760c5defb72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 10:47:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77858
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 10:47:59 GMT
bg_main.jpg
cdn.therewardhub.com/cnahardy/content/images/ 		927 KB
928 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.therewardhub.com/cnahardy/content/images/bg_main.jpg
Requested by
Host: cdn.therewardhub.com
URL: https://cdn.therewardhub.com/cnahardy/content/styles/shared/client-branding.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.176.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6308d8891499f3382b402b0bdb9e396e19aa33df401ac82df2381af49b4e90c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.therewardhub.com/cnahardy/content/styles/shared/client-branding.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
X-GUploader-UploadID
ABPtcPqfE6u7M60VWXN1-RgDIvVrjzy0cLiwpqtuv31dN7pkI04isAhRY2VU8Y6FBUR49KUwUaw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
949519
Last-Modified
Thu, 27 Apr 2023 06:06:14 GMT
Server
cloudflare
ETag
"d172f2bd54511ecf1fee1e9ed52e40f7"
Vary
Accept-Encoding
x-goog-generation
1682575574427582
Content-Type
image/jpeg
x-goog-hash
crc32c=gVjdWQ==, md5=0XLyvVRRHs8f7h6e1S5A9w==
Cache-Control
public, max-age=300
x-goog-stored-content-length
949519
Accept-Ranges
bytes
CF-RAY
82eac1545970927d-FRA
Expires
Fri, 01 Dec 2023 10:52:59 GMT
header-sprite1.png
cdn.therewardhub.com/cnahardy/content/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.therewardhub.com/cnahardy/content/images/header-sprite1.png
Requested by
Host: cdn.therewardhub.com
URL: https://cdn.therewardhub.com/cnahardy/content/styles/shared/client-branding.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.176.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19690f4e8d8e55402f3aab1fa0a1f7caf2f0a78f3b0a244b4b3a23080185b5cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.therewardhub.com/cnahardy/content/styles/shared/client-branding.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
X-GUploader-UploadID
ABPtcPp-RIKtgcVlHElNirrIrj19oNQVUQga4o3981XGONAqJqeyRXHKASiRnYY2lu2W7aJhfTpJupQBFg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
4336
Last-Modified
Thu, 27 Apr 2023 06:06:14 GMT
Server
cloudflare
ETag
"68af7b5999f8f74b1794eba5946516f9"
Vary
Accept-Encoding
x-goog-generation
1682575574701558
Content-Type
image/png
x-goog-hash
crc32c=8GbcsA==, md5=aK97WZn490sXlOullGUW+Q==
Cache-Control
public, max-age=300
x-goog-stored-content-length
4336
Accept-Ranges
bytes
CF-RAY
82eac15478ac18cb-FRA
Expires
Fri, 01 Dec 2023 10:52:59 GMT
header-sprite2.png
cdn.therewardhub.com/cnahardy/content/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.therewardhub.com/cnahardy/content/images/header-sprite2.png
Requested by
Host: cdn.therewardhub.com
URL: https://cdn.therewardhub.com/cnahardy/content/styles/shared/client-branding.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.176.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ea80d4cea5a8f3cf05004d9b6fea1105c80ba284d7e8583eb6420e4d307ed98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.therewardhub.com/cnahardy/content/styles/shared/client-branding.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
X-GUploader-UploadID
ABPtcPrhCdLNlMVRe7myT_YwdCe2XUG4WWBrTBjSaFUyPp1uNv6Y51Hp8V5As8cvx7gaX5Gcxms
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
11836
Last-Modified
Thu, 27 Apr 2023 06:06:17 GMT
Server
cloudflare
ETag
"caa1442bf4353caafb917511b997f0b7"
Vary
Accept-Encoding
x-goog-generation
1682575577046745
Content-Type
image/png
x-goog-hash
crc32c=bY5dLA==, md5=yqFEK/Q1PKr7kXURuZfwtw==
Cache-Control
public, max-age=300
x-goog-stored-content-length
11836
Accept-Ranges
bytes
CF-RAY
82eac1547a77039a-FRA
Expires
Fri, 01 Dec 2023 10:52:59 GMT
exception.png
www.therewardhub.com/cnahardy/Resources/Styles/Images/ 		103 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therewardhub.com/cnahardy/Resources/Styles/Images/exception.png
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Resources/Styles/Open/SsoFailed.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/cnahardy/Resources/Styles/Open/SsoFailed.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Via
1.1 google
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Connection
keep-alive
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac1545f171c32-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
Nunito-Regular.ttf
www.therewardhub.com/cnahardy/Resources/Fonts/ 		149 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Resources/Fonts/Nunito-Regular.ttf
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/Master.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e2747806c4a30f0d4f39596a13dd97dc5484b96845d945d90b300e1bbdebc72
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/Master.min.css
Origin
https://www.therewardhub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Connection
keep-alive
Content-Length
152932
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:53:06 GMT
Server
cloudflare
ETag
"0fdde9e31eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-font-ttf
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges
bytes
CF-RAY
82eac154693b9b9b-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
Nunito-Light.ttf
www.therewardhub.com/cnahardy/Resources/Fonts/ 		148 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Resources/Fonts/Nunito-Light.ttf
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/Master.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d4c5a89428f032e3851eed4f903a1c800c2bde74f3893f3ac62782ed67cfbf
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/Master.min.css
Origin
https://www.therewardhub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
HIT
Via
1.1 google
Age
2885
Connection
keep-alive
Content-Length
151364
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:53:06 GMT
Server
cloudflare
ETag
"0fdde9e31eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-font-ttf
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges
bytes
CF-RAY
82eac1547e966931-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
Nunito-Bold.ttf
www.therewardhub.com/cnahardy/Resources/Fonts/ 		149 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Resources/Fonts/Nunito-Bold.ttf
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/Master.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9e27ba172e5b535b1d0564b4882f74aecc77a4dc4d20fc400bd2b2bc4418c1
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therewardhub.com/cnahardy/Resources/Styles/Shared/Master.min.css
Origin
https://www.therewardhub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
MISS
Via
1.1 google
Connection
keep-alive
Content-Length
152748
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 23 Nov 2023 11:53:06 GMT
Server
cloudflare
ETag
"0fdde9e31eda1:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-font-ttf
Cache-Control
public, max-age=14400
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges
bytes
CF-RAY
82eac1547bca71d0-FRA
Expires
Fri, 01 Dec 2023 14:47:59 GMT
/
www.therewardhub.com/navigation/cnahardy/ 		245 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/navigation/cnahardy/
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Scripts/dist/benefex.js?bac2ac72aaa770f3b0f1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3106054e698f6108267182902201d8829c8317a9a2fe27e3ae2f171972dea75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Via
1.1 google
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
Server
cloudflare
X-RequestId
fa0dbaf9-d33b-47ee-b71b-4821ca9e10a8
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
X-Processing-Time
32
Cache-Control
no-store, must-revalidate, no-cache
Connection
keep-alive
CF-RAY
82eac1550cc571d0-FRA
Expires
Fri, 01 Dec 2023 10:47:59 GMT
/
www.therewardhub.com/cnahardy/Message/PopupLayout/ 		285 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/cnahardy/Message/PopupLayout/
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Scripts/dist/jquery.js?bac2ac72aaa770f3b0f1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
685b125c9f79c935a251b99401871e63fc54834262b4562059ec0a3a0146e8ed
Security Headers
Name Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 google
Content-Security-Policy
child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
CF-Cache-Status
DYNAMIC
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Referrer-Policy
strict-origin-when-cross-origin
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
private, no-store
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), screen-wake-lock=(), usb=(), web-share=(), xr-spatial-tracking=()
CF-RAY
82eac1550fbb1c32-FRA
Expires
Fri, 01 Dec 2023 10:47:59 GMT
otSDKStub.js
cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJCVQFN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5068ded0fa3ee9d983f770ef61d66e775756d2ffa665a60d36a4e3d17748ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 10:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
71161
content-md5
XUOw4rj8zlkhAK9G8+j4nQ==
content-length
6965
x-ms-lease-status
unlocked
last-modified
Thu, 21 Jul 2022 13:07:35 GMT
server
cloudflare
etag
0x8DA6B19FADA80B2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
234182c4-101e-006e-73c3-126cac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82eac1556f374db4-FRA
expires
Sat, 02 Dec 2023 10:47:59 GMT
/
www.therewardhub.com/content/cnahardy/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/content/cnahardy/?app=shell&key=copyrightText,tAndCTitleText,tAndCText,privacyStatementTitleText,privacyStatementText&culture=en-GB
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Scripts/dist/vendor.js?bac2ac72aaa770f3b0f1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711a0305c59f34dab87a90da579f31ec59eacca186a56917d8eb53babc5a6445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Via
1.1 google
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
X-RequestId
961209e2-f58f-4ba0-adad-3a7271cb60c0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Processing-Time
11
Connection
keep-alive
Pragma
no-cache
Server
cloudflare
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, must-revalidate, no-cache
CF-RAY
82eac1554a749b9b-FRA
Expires
Fri, 01 Dec 2023 10:47:59 GMT
/
www.therewardhub.com/content/cnahardy/ 		790 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/content/cnahardy/?app=navigation&key=currentlyImpersonating,language_,contact&culture=en-GB
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Scripts/dist/benefex.js?bac2ac72aaa770f3b0f1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
616bdcd6f686b832aecb268a0b081084ffa2ffc8251a39ca1d4b9b9c02fade8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Via
1.1 google
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
gzip
X-RequestId
dedbd872-f9ae-433f-abea-0aac9cf003ca
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Processing-Time
10
Connection
keep-alive
Pragma
no-cache
Server
cloudflare
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, must-revalidate, no-cache
CF-RAY
82eac1558d6f71d0-FRA
Expires
Fri, 01 Dec 2023 10:47:59 GMT
a2641483-f87a-4346-b976-ed6a27d74359.json
cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/a2641483-f87a-4346-b976-ed6a27d74359.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6b7e60e2a2008a0cf95385c1ec9d9365bf443a7e224d4ba4e9aa56ddfb0164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 10:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
74413
content-md5
1ABddTE9t9y7Eyo5nPh7lw==
content-length
1596
x-ms-lease-status
unlocked
last-modified
Thu, 21 Jul 2022 13:07:28 GMT
server
cloudflare
etag
0x8DA6B19F6F54605
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e1e3bdbf-d01e-0085-0c7d-13145e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82eac155ad22048f-FRA
expires
Sat, 02 Dec 2023 10:47:59 GMT
x74zstsz
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/x74zstsz
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-128.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7f184f3a0f2bd23e61025ffae0b9322b79bef1b6e5e954be4e462ce5f4ca247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
Inp6vlvxbBNjM2m.PKBv5cWgwlH.srn1
content-encoding
gzip
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 10:40:52 GMT
x-amz-cf-pop
FRA50-C1
age
440
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Thu, 30 Nov 2023 14:41:51 GMT
server
AmazonS3
etag
"a5ff02a279189bf8329ddf0ee507fb61"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
e6BSWeiIT5YHbE0omc8H4g-kq8pp9pwbhjN4WaVAVG7RYsEUzz7pNw==
frame-modern.2b58570a.js
js.intercomcdn.com/ Frame C552 		514 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.2b58570a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x74zstsz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7b10df757d5669f641fa828e4d1719d43d1ec964a0c767720be9de1dc5e803e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
s_6BJZEdU3GdO5Ft2jMUUZhAY7XIW9kW
content-encoding
gzip
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 10:41:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
364
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145292
last-modified
Thu, 30 Nov 2023 14:39:36 GMT
server
AmazonS3
etag
"a2b326a7d4c69e817d61dea56bb90857"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
SHGWlR0yvDLTqOjWW2onSSPAPnYXG4Y8d6qBUkQlncPz9knrivzRkQ==
vendor-modern.689650c5.js
js.intercomcdn.com/ Frame C552 		426 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.689650c5.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x74zstsz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a98b0d22fb50853a6fbb1a665e510a9595d2dae5f86a5774f8f0c2f701955532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
9tYAPQIxXteWoLaSDpXLwgSyAUpknMzo
content-encoding
gzip
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 09:43:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
3848
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
133792
last-modified
Tue, 21 Nov 2023 15:41:26 GMT
server
AmazonS3
etag
"d0a2ac2a870e5d8e688aada7a9b12be6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Seodi3bi93As9vAqME_SLWe1K4SGLMxQj5s1VBbPTTPR_vraZZRFRw==
/
www.therewardhub.com/employee/cnahardy/undefined/notifications/ 		0
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therewardhub.com/employee/cnahardy/undefined/notifications/
Requested by
Host: www.therewardhub.com
URL: https://www.therewardhub.com/cnahardy/Scripts/dist/benefex.js?bac2ac72aaa770f3b0f1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.177.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.therewardhub.com/cnahardy/open/sso/saml2/HttpPost?notification_link_uid=VVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%3D%3D--d49f27109760e8bc8856f4b33147eb6ffa43f677
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 10:47:59 GMT
Via
1.1 google
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-RequestId
3892f14a-4fc3-48cf-91e4-b02bd2b82dd9
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Processing-Time
1
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
CF-RAY
82eac155ddb771d0-FRA
Content-Length
0
Expires
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.therewardhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 10:47:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
82eac155f8ec3a9d-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.38.0/ 		369 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 10:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jz950M8ZW7RakPP2zlLHZQ==
age
20691
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
89624
x-ms-lease-status
unlocked
last-modified
Thu, 21 Jul 2022 06:31:17 GMT
server
cloudflare
etag
0x8DA6AE29E465D1D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3fb1c7f5-001e-0086-25a8-21f53a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82eac15638274db4-FRA
ping
api-iam.eu.intercom.io/messenger/web/ Frame C552 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.eu.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.250.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-250-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0b42aae999d7b6a155e36558583dbd883d536c70aa6648c377494e8f1f17766e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 10:48:00 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0fb9a46d175694e58
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00027lu7l2j0cqpvo0hg
x-runtime
0.228443
server
nginx
etag
W/"0b42aae999d7b6a155e36558583dbd88"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therewardhub.com
x-intercom-version
a07c3b34254e5e5598e3421a2ad5570555141338
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
en.json
cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/9ebe1317-2547-4cc2-9e7d-481f54344139/ 		34 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/a2641483-f87a-4346-b976-ed6a27d74359/9ebe1317-2547-4cc2-9e7d-481f54344139/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99fc2bfc4400002e2490abcbf9edb634ff9a3fef59ae4ae5ce14387f3231dfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 10:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8702
content-md5
dh+fYkIO5AtWum4hlxlIJA==
content-length
10323
x-ms-lease-status
unlocked
last-modified
Thu, 21 Jul 2022 13:07:34 GMT
server
cloudflare
etag
0x8DA6B19FA753D53
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
df635c75-e01e-0018-3cd2-21e6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82eac156ce4b048f-FRA
expires
Sat, 02 Dec 2023 10:47:59 GMT
otFloatingRoundedCorner.json
cdn.cookielaw.org/scripttemplates/6.38.0/assets/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/otFloatingRoundedCorner.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce26ecdf22dd9987049b1bdc32d7ebdfeb55b26bd607d83a13f31079bcd6e131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 10:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vVhTw2jo461FW9ubIevsZg==
age
8578
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2589
x-ms-lease-status
unlocked
last-modified
Thu, 21 Jul 2022 06:31:10 GMT
server
cloudflare
etag
0x8DA6AE29A247653
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
606b9556-001e-002f-7699-223448000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82eac156fe85048f-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.38.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 10:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JtD7zjxzBe/apQLaCwCdaw==
age
74412
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13258
x-ms-lease-status
unlocked
last-modified
Thu, 21 Jul 2022 06:31:11 GMT
server
cloudflare
etag
0x8DA6AE29A87E4A6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7bc9f0b5-601e-0064-2550-0dc81b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82eac156fe86048f-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.38.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 10:47:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
TLLtdkuMahUQRVIfmZNHNw==
age
72867
x-ms-lease-status
unlocked
last-modified
Thu, 21 Jul 2022 06:31:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
0537b934-c01e-0099-63db-12463e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
82eac156fe87048f-FRA
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therewardhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 01 Dec 2023 10:47:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
12728
x-ms-lease-status
unlocked
last-modified
Thu, 30 Nov 2023 20:39:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
172587e6-c01e-0089-5c20-248356000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
82eac15739974db4-FRA
vendors~locale-de-json-modern.e79c404d.js
js.intercomcdn.com/ Frame C552 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~locale-de-json-modern.e79c404d.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c045e4ad903df573360332858f2efff833684f0528e56b910cbbf74cf0088af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
C5v.GpixSB9UD9cl7M74.mIEUgaOULXp
content-encoding
gzip
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 10:37:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
629
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9292
last-modified
Thu, 16 Nov 2023 16:59:31 GMT
server
AmazonS3
etag
"f995daee887f347abaf562cb7013d8d6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
5nOdVl7QugFebAmqfQsMsiIleBMM9EWl5_7ICYgIOosNIyjZPy5_Dw==
196298500208796
api-iam.eu.intercom.io/messenger/web/conversations/ Frame C552 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.eu.intercom.io/messenger/web/conversations/196298500208796
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.250.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-250-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
847624d1dbccc6d334f832135f81f880131cec94e52adae74e199f4bd3070c50
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 10:48:00 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0fb9a46d175694e58
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0006acsabk8e6spbu6pg
x-runtime
0.299922
server
nginx
etag
W/"847624d1dbccc6d334f832135f81f880"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therewardhub.com
x-intercom-version
a07c3b34254e5e5598e3421a2ad5570555141338
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
vendors~app~tooltips-modern.03a8f602.js
js.intercomcdn.com/ Frame C552 		461 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app~tooltips-modern.03a8f602.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
418e8e510a9d1b17570f4573bb7a5e29b7a32de9bef188831deada3e74cfc161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
OGOeH9ky9T1dTq2vVFjWGDxjAnqNdM3Z
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 10:28:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
1156
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95103
last-modified
Fri, 17 Nov 2023 12:42:44 GMT
server
AmazonS3
etag
"da271916110d8059890211b7dd4cf354"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
7m-f9C4YvpamplQ6dxzq1d3n3a267_h9bUOUKFr7ldCYYu40mlYnkA==
vendors~app-modern.ee464b0f.js
js.intercomcdn.com/ Frame C552 		376 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app-modern.ee464b0f.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25207f18e39203f8707f6a4a015d35c8bd6878574019ab0bd494d2bf7cb3d8bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
BSo_X8dTqR5SjtuC1xYqwaKu_6P3plFz
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 09:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
3034
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
99602
last-modified
Thu, 16 Nov 2023 16:59:31 GMT
server
AmazonS3
etag
"c489ac6801f2c86bfa5b6d9c8ff5bc81"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
yaviMHxR7Y7di3_eA_UDRcrh9f4-SkRMylvUFhK9zqgQkAz9_bizBg==
app~tooltips-modern.b885f95a.js
js.intercomcdn.com/ Frame C552 		203 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app~tooltips-modern.b885f95a.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff5799a5b8382bd603892f224d9d0f5da0c62e8526e23ae241582d8514d016cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
Y42_zkYzHnngUZQOFye38T1l22Ch5lrF
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 08:56:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
6682
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52502
last-modified
Tue, 28 Nov 2023 12:54:18 GMT
server
AmazonS3
etag
"2ba1e7eb75e59542c6f0e389fc44c8e6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
jksw0nF6r1JmKla2aqQz78HoNZZsSHoS2x7W4KtiU6ORcz0T49urvg==
app-modern.0d26ca31.js
js.intercomcdn.com/ Frame C552 		516 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app-modern.0d26ca31.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14c8896a1bf70dc08ff76f7c848e3357a67e7b62fbe2b8fd408eb9eae7c7be6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
Eb5X.FiARYSEDx2BFDcoPi6mLakNeXGa
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 10:39:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
508
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
135743
last-modified
Tue, 28 Nov 2023 14:36:53 GMT
server
AmazonS3
etag
"0b50844ed6d130eb1a2494874adec64c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
5RJAaw_PASfaxzVusea1Olg7T0Uc3upYyvmHuCYYnzOJm5GFHMeloQ==
open
api-iam.eu.intercom.io/messenger/web/ Frame C552 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.eu.intercom.io/messenger/web/open
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.250.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-250-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f09579ab95aff16388096d49792d9698aa2f692808be31874675ca073d48c323
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 10:48:00 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0fb9a46d175694e58
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00065jsrk5msc5j5cnf0
x-runtime
0.176677
server
nginx
etag
W/"f09579ab95aff16388096d49792d9698"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therewardhub.com
x-intercom-version
a07c3b34254e5e5598e3421a2ad5570555141338
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
custom_avatar-1656672080.png
static.intercomassets.eu/avatars/50001334/square_128/ Frame C552 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.eu/avatars/50001334/square_128/custom_avatar-1656672080.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-82.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd71a8bdc53f8953bb4f48b3565522b9370858991045242585e6b418c2a7b1b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:31:34 GMT
x-amz-version-id
null
via
1.1 6fd5b9dd7e89650c2a4b7ce07a2f3fd0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P2
age
8187
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3116
last-modified
Fri, 01 Jul 2022 10:41:21 GMT
server
AmazonS3
etag
"1c274f294bf74b1702993dd23094bae3"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
KzkfjF25brStYiy52XauIYdffLLTdpfVaWXwWQ-BoJN0FNSfTSO2ZQ==
match
api-iam.eu.intercom.io/messenger/web/rulesets/12458/ Frame C552 		940 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.eu.intercom.io/messenger/web/rulesets/12458/match
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.250.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-250-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fa474cb7a8dd500f47ea0aaf21d5149a8815301e9e7a18e7e949ca6c2614e94d
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 10:48:00 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0fb9a46d175694e58
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00027m51ajogprjqtahg
x-runtime
0.088425
server
nginx
etag
W/"fa474cb7a8dd500f47ea0aaf21d5149a"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therewardhub.com
x-intercom-version
a07c3b34254e5e5598e3421a2ad5570555141338
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
home
api-iam.eu.intercom.io/messenger/web/ Frame C552 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.eu.intercom.io/messenger/web/home
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.250.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-250-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4b7a9c165e637f5887680f13e4cfbfa32902f32d6efde21eca30a8407a1d9dab
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 10:48:01 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0fb9a46d175694e58
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0000bn75v9ipieundobg
x-runtime
0.400547
server
nginx
etag
W/"4b7a9c165e637f5887680f13e4cfbfa3"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therewardhub.com
x-intercom-version
a07c3b34254e5e5598e3421a2ad5570555141338
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
conversations
api-iam.eu.intercom.io/messenger/web/ Frame C552 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.eu.intercom.io/messenger/web/conversations
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.250.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-250-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8a30ae24bbadaa0d2f2fad2e818412b21660006d7b559bc274877ec6e63fc50e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 10:48:01 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0fb9a46d175694e58
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00027m5lmvu0jvsti090
x-runtime
0.260607
server
nginx
etag
W/"8a30ae24bbadaa0d2f2fad2e818412b2"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therewardhub.com
x-intercom-version
a07c3b34254e5e5598e3421a2ad5570555141338
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
help_center_content
api-iam.eu.intercom.io/messenger/web/ Frame C552 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.eu.intercom.io/messenger/web/help_center_content
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.250.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-250-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6e6c5575fac1c9029500330bbc5d9aa297f7f88c2743a4c74826ecaf00f1cc80
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 10:48:01 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0fb9a46d175694e58
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0004vbqtvc2i0ti3q450
x-runtime
0.550223
server
nginx
etag
W/"6e6c5575fac1c9029500330bbc5d9aa2"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therewardhub.com
x-intercom-version
a07c3b34254e5e5598e3421a2ad5570555141338
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
iStock_4-1699954004.jpeg
static.intercomassets.eu/avatars/50018882/square_128/ Frame E125 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.eu/avatars/50018882/square_128/iStock_4-1699954004.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-82.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7a1e22ace872b11dc319c6ae571abfde11ccf931276e7440b65a4d5a97c03ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 10:48:01 GMT
x-amz-version-id
JPrIRu0.9uysG37JoDAWt9pI2C0S6OvG
via
1.1 6fd5b9dd7e89650c2a4b7ce07a2f3fd0.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 09:26:47 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-P2
etag
"f7f6db749941cb0cb450b8120822ad4c"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
11852
x-amz-cf-id
LlftRBLVXyKW5EVMIDSonKhcJXvQNT0EVD6JaiSVoOWEjFS56tFjkw==
custom_avatar-1656672080.png
static.intercomassets.eu/avatars/50001334/square_128/ Frame E125 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.eu/avatars/50001334/square_128/custom_avatar-1656672080.png
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendor-modern.689650c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-82.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd71a8bdc53f8953bb4f48b3565522b9370858991045242585e6b418c2a7b1b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:31:34 GMT
x-amz-version-id
null
via
1.1 6fd5b9dd7e89650c2a4b7ce07a2f3fd0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P2
age
8187
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3116
last-modified
Fri, 01 Jul 2022 10:41:21 GMT
server
AmazonS3
etag
"1c274f294bf74b1702993dd23094bae3"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
81VEaKG6YeYX_LVcaQNfkyC2xvzo0U7RlsS4Usmpsd3R11klWk_Jzg==

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| CloudflareApps object| dataLayer string| basePath string| APP_ID string| API_BASE object| intercomSettings function| Intercom object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| angular object| Highcharts object| FileAPI function| _ object| CommonPrivacy object| baseViewModel function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| OptanonWrapper function| __intercomAssignLocation function| __intercomReloadLocation string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| OneTrustStub object| Optanon object| OneTrust

8 Cookies

Domain/Path Name / Value
www.therewardhub.com/ Name: lang.cnahardy
Value: en-GB
www.therewardhub.com/ Name: cnahardy.correlationId
Value: 13e2e1a9-a30a-4303-94c6-af9d5f224c51
www.therewardhub.com/ Name: GCLB
Value: CJCShdXY2buEUw
www.therewardhub.com/ Name: __cflb
Value: 02DiuFhhPNpQkJBkzdzuDdt3ryypwc9BwRcaFdL12EWEg
.therewardhub.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Dec+01+2023+11%3A47%3A59+GMT%2B0100+(Central+European+Standard+Time)&version=6.38.0&hosts=&consentId=c45c6cf8-69ed-4836-a28a-648cf401829d&interactionCount=0&landingPath=https%3A%2F%2Fwww.therewardhub.com%2Fcnahardy%2Fopen%2Fsso%2Fsaml2%2FHttpPost%3Fnotification_link_uid%3DVVE1ZCtycFVoQzBxQ2dvaFRoODFTY1o1aXpRWGFCQVFnbCtyU3pYaUxqOVowZHlsREM2VDdzYytjQXRWTUJOWFN5cXA2M1YzdkFscXB6VGw0YzRoVXp1MkJ5bGVmd3Qya0hheUtxQy9wZDVGRFJqZTJIRVBzSVpSTEw1NEtmRFVDc1RjNmRROFRMSFpSdnpIOTRCdE9nPT0tLWFPemJtdjFBQklFb1Eyc2pKOWpIOGc9PQ%253D%253D--d49f27109760e8bc8856f4b33147eb6ffa43f677&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0
.therewardhub.com/ Name: intercom-id-x74zstsz
Value: 72c379e8-f283-4257-998f-ad3428dd2cee
.therewardhub.com/ Name: intercom-session-x74zstsz
Value:
.therewardhub.com/ Name: intercom-device-id-x74zstsz
Value: 4ca9e204-20d4-41ff-9156-cb7f441b1fdc

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://www.therewardhub.com/cnahardy/Resources/Styles/Images/exception.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.therewardhub.com/employee/cnahardy/undefined/notifications/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy child-src https://surveymonkey.com https://www.surveymonkey.com content.bitsontherun.com content.jwplatform.com assets-jpcust.jwpsrv.com https://player.vimeo.com https://vars.hotjar.com https://intercom-sheets.com https://www.intercom-reporting.com 'self'; connect-src wss: https: https://profiles.onehub.dev https://profiles.onehub.global https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://api.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com 'self'; default-src 'self'; font-src https://fonts.gstatic.com https://script.hotjar.com https://js.intercomcdn.com https://fonts.intercomcdn.com 'self'; frame-ancestors https://www.therewardhub.com/* https://*.onehub.dev https://*.onehub.global https://*.onehubasia.io https://*.testbenefit.co.uk https://*.therewardhub.com; img-src data: blob: *; media-src https://js.intercomcdn.com 'self'; object-src assets-jpcust.jwpsrv.com 'self'; script-src https: https://static.hotjar.com https://script.hotjar.com https://cdn.cookielaw.org https://www.google-analytics.com https://ssl.google-analytics.com *.googletagmanager.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline'; style-src https://cdn.therewardhub.com https://www.therewardhub.com/ https://tagmanager.google.com https://www.googletagmanager.com https://fonts.googleapis.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.eu.intercom.io
cdn.cookielaw.org
cdn.therewardhub.com
geolocation.onetrust.com
js.intercomcdn.com
static.intercomassets.eu
support.intercom-mail.eu
widget.intercom.io
www.googletagmanager.com
www.therewardhub.com
104.16.176.36
104.16.177.36
143.204.98.128
18.155.153.82
18.66.147.43
2600:9000:2070:f600:8:da46:f080:93a1
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2a00:1450:4001:80f::2008
54.76.250.250
0b42aae999d7b6a155e36558583dbd883d536c70aa6648c377494e8f1f17766e
0f4a23a5dff2db1a73424811f09672625c42a70e65726e92857b52cdf4131c53
14c8896a1bf70dc08ff76f7c848e3357a67e7b62fbe2b8fd408eb9eae7c7be6a
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
19690f4e8d8e55402f3aab1fa0a1f7caf2f0a78f3b0a244b4b3a23080185b5cb
1ea80d4cea5a8f3cf05004d9b6fea1105c80ba284d7e8583eb6420e4d307ed98
25207f18e39203f8707f6a4a015d35c8bd6878574019ab0bd494d2bf7cb3d8bf
25d4c5a89428f032e3851eed4f903a1c800c2bde74f3893f3ac62782ed67cfbf
2681036c94eb9b2db2f623222847aa6cda22bd98b1f7963aab982ab4eacbbecb
2c045e4ad903df573360332858f2efff833684f0528e56b910cbbf74cf0088af
418e8e510a9d1b17570f4573bb7a5e29b7a32de9bef188831deada3e74cfc161
42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ac9ded224fc980d4c5d880b3a8ac4cad4a782ca627c3dfd862621ff33e49d33
4b7a9c165e637f5887680f13e4cfbfa32902f32d6efde21eca30a8407a1d9dab
616bdcd6f686b832aecb268a0b081084ffa2ffc8251a39ca1d4b9b9c02fade8e
6477eaaf9e4a2b06c841a6866d989e0ddd448d2dfd5e3ad973076876355c76d4
67f3eea9befc9fc2a7648ab004a0ed04876f7a91b0c2a9287f4b3760c5defb72
685b125c9f79c935a251b99401871e63fc54834262b4562059ec0a3a0146e8ed
6e6c5575fac1c9029500330bbc5d9aa297f7f88c2743a4c74826ecaf00f1cc80
711a0305c59f34dab87a90da579f31ec59eacca186a56917d8eb53babc5a6445
7e6b7e60e2a2008a0cf95385c1ec9d9365bf443a7e224d4ba4e9aa56ddfb0164
847624d1dbccc6d334f832135f81f880131cec94e52adae74e199f4bd3070c50
8a30ae24bbadaa0d2f2fad2e818412b21660006d7b559bc274877ec6e63fc50e
8b8cab927b0e2d903c08b61f930e84c9d8d999d11b7f23ce6ac7bde2b0882a2c
8b9e27ba172e5b535b1d0564b4882f74aecc77a4dc4d20fc400bd2b2bc4418c1
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
980916a35f525783b0f455667cd2ee3bbeaa065edf09bc6e5dada6813b2bf7d3
9e2747806c4a30f0d4f39596a13dd97dc5484b96845d945d90b300e1bbdebc72
a5068ded0fa3ee9d983f770ef61d66e775756d2ffa665a60d36a4e3d17748ffa
a7a1e22ace872b11dc319c6ae571abfde11ccf931276e7440b65a4d5a97c03ef
a7f184f3a0f2bd23e61025ffae0b9322b79bef1b6e5e954be4e462ce5f4ca247
a98b0d22fb50853a6fbb1a665e510a9595d2dae5f86a5774f8f0c2f701955532
b94faffa1d90bd953c7e782dfbba8be4e5c9e2c04d94c9e49d9109687aa61d26
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
c3106054e698f6108267182902201d8829c8317a9a2fe27e3ae2f171972dea75
c7b10df757d5669f641fa828e4d1719d43d1ec964a0c767720be9de1dc5e803e
c99fc2bfc4400002e2490abcbf9edb634ff9a3fef59ae4ae5ce14387f3231dfe
cd0346057c1c61304771f4dd138dcc7e0ad4c6f7488fc0da1eb480b43057f775
cd71a8bdc53f8953bb4f48b3565522b9370858991045242585e6b418c2a7b1b3
ce26ecdf22dd9987049b1bdc32d7ebdfeb55b26bd607d83a13f31079bcd6e131
d319b919ded7785c29f3be59f107e4eff0c8ac074922b105b2e0b724bde8d55c
d39a81f1ee71b97b2e324621e49c3506d87ef3d9261861c81512ff826bb60a08
d6308d8891499f3382b402b0bdb9e396e19aa33df401ac82df2381af49b4e90c
dd58effb58ce4f21f85458651adc8871e96696ec766ba20be320d1489bb7d7f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee98489d4c12217afbf171860656a1cf4a8b1fa4af10a07d9bdaad334c64f2b9
f09579ab95aff16388096d49792d9698aa2f692808be31874675ca073d48c323
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fa474cb7a8dd500f47ea0aaf21d5149a8815301e9e7a18e7e949ca6c2614e94d
fd6de69e6af62408b59c3ce5d7456ce351de7b4d0f8365e2815cce1aa4a662a2
ff5799a5b8382bd603892f224d9d0f5da0c62e8526e23ae241582d8514d016cb