urlscan.io logo urlscan.io
SecurityTrails logo

www.e-rewards.com Open in urlscan Pro
2600:9000:236e:8000:3:68f9:62c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.e-rewards.com/memberagreement.do
Effective URL: https://www.e-rewards.com/memberagreement.do
Submission: On October 05 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 19 domains to perform 65 HTTP transactions. The main IP is 2600:9000:236e:8000:3:68f9:62c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.e-rewards.com. The Cisco Umbrella rank of the primary domain is 812927.
TLS certificate: Issued by Amazon on June 22nd 2022. Valid for: a year.
This is the only time www.e-rewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2600:9000:236... 16509 (AMAZON-02)
3 2600:9000:214... 16509 (AMAZON-02)
1 2 34.228.250.246 14618 (AMAZON-AES)
2 52.216.144.131 16509 (AMAZON-02)
1 99.86.1.145 16509 (AMAZON-02)
1 2a02:26f0:10e... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 12 65.9.66.9 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
1 65.9.66.123 16509 (AMAZON-02)
4 2606:4700:e6:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.222.137.93 16509 (AMAZON-02)
1 13.32.27.19 16509 (AMAZON-02)
1 172.67.75.100 13335 (CLOUDFLAR...)
1 65.9.86.122 16509 (AMAZON-02)
1 7 23.205.241.144 16625 (AKAMAI-AS)
3 65.9.66.72 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.205.216.121 14618 (AMAZON-AES)
65 25
10    2600:9000:236e:8000:3:68f9:62c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.e-rewards.com
3    2600:9000:214f:4600:17:5070:d6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
darwin-assets.dynata.com
2    34.228.250.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-250-246.compute-1.amazonaws.com
goggles.mw.dynata.com
2    52.216.144.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
upp-public.s3.amazonaws.com
1    99.86.1.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-145.fra6.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
1    2a02:26f0:10e:284::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
4    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
12    65.9.66.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-9.fra56.r.cloudfront.net
widget.freshworks.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net
static.hotjar.com
4    2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
3    2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.222.137.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-93.ams50.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
1    13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
script.hotjar.com
1    172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
1    65.9.86.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-122.ams1.r.cloudfront.net
vars.hotjar.com
7    23.205.241.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-144.deploy.static.akamaitechnologies.com
c.evidon.com
3    65.9.66.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-72.fra56.r.cloudfront.net
nexus.ensighten.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    34.205.216.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-216-121.compute-1.amazonaws.com
l.evidon.com
Apex Domain
Subdomains		 Transfer
12 freshworks.com
widget.freshworks.com — Cisco Umbrella Rank: 25840
143 KB
10 evidon.com
c.evidon.com — Cisco Umbrella Rank: 1876
l.evidon.com — Cisco Umbrella Rank: 12022
42 KB
10 e-rewards.com
www.e-rewards.com — Cisco Umbrella Rank: 812927
272 KB
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3306
ka-f.fontawesome.com — Cisco Umbrella Rank: 6353
100 KB
5 dynata.com
darwin-assets.dynata.com — Cisco Umbrella Rank: 206019
goggles.mw.dynata.com — Cisco Umbrella Rank: 291486
37 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
209 KB
3 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3863
11 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 874
script.hotjar.com — Cisco Umbrella Rank: 1166
vars.hotjar.com — Cisco Umbrella Rank: 1268
69 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 955
34 B
2 gstatic.com
fonts.gstatic.com
46 KB
2 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
d10lpsik1i8c69.cloudfront.net
15 KB
2 amazonaws.com
upp-public.s3.amazonaws.com — Cisco Umbrella Rank: 405614
140 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3460
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
349 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3900
349 B
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 11805
742 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 479
17 KB
65 19
Domain Requested by
12 widget.freshworks.com 1 redirects www.e-rewards.com
widget.freshworks.com
10 www.e-rewards.com 1 redirects www.e-rewards.com
7 c.evidon.com 1 redirects www.e-rewards.com
c.evidon.com
4 ka-f.fontawesome.com d2wy8f7a9ursnm.cloudfront.net
www.e-rewards.com
4 www.googletagmanager.com www.e-rewards.com
www.googletagmanager.com
3 l.evidon.com www.e-rewards.com
3 nexus.ensighten.com www.googletagmanager.com
nexus.ensighten.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 darwin-assets.dynata.com www.e-rewards.com
2 sessions.bugsnag.com d2wy8f7a9ursnm.cloudfront.net
2 fonts.gstatic.com fonts.googleapis.com
2 upp-public.s3.amazonaws.com www.e-rewards.com
2 goggles.mw.dynata.com 1 redirects www.e-rewards.com
1 www.google.de www.e-rewards.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 vars.hotjar.com static.hotjar.com
1 settings.luckyorange.net d2wy8f7a9ursnm.cloudfront.net
1 script.hotjar.com static.hotjar.com
1 d10lpsik1i8c69.cloudfront.net www.e-rewards.com
1 static.hotjar.com www.e-rewards.com
1 fonts.googleapis.com www.e-rewards.com
1 kit.fontawesome.com www.e-rewards.com
1 assets.adobedtm.com www.e-rewards.com
1 d2wy8f7a9ursnm.cloudfront.net www.e-rewards.com
65 25

This site contains links to these domains. Also see Links.

Domain
www.e-rewards.de
Subject Issuer Validity Valid
e-rewards.com
Amazon		 2022-06-22 -
2023-07-21		 a year crt.sh
*.dynata.com
Amazon		 2022-06-01 -
2023-06-30		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-12 -
2023-08-12		 a year crt.sh
*.freshworks.com
Amazon		 2022-07-26 -
2023-08-24		 a year crt.sh
*.mw.dynata.com
Amazon		 2022-06-27 -
2023-07-26		 a year crt.sh
*.evidon.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-12 -
2023-04-12		 a year crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-10-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.e-rewards.com/memberagreement.do
Frame ID: E6901761C3746ACECB57C7D73C3572AB
Requests: 55 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/widget.js
Frame ID: 4586338623BDD89F7C82F18E85BD2ECD
Requests: 7 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/static/media/styles.5fe92f64.css
Frame ID: 8905163C14826F9DF3AD563815436B0A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 33D2162B8ECD2C356D34605CEEA2BE55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paid Surveys Online | e-Rewards currency

Page URL History Show full URLs

  1. http://www.e-rewards.com/memberagreement.do HTTP 301
    https://www.e-rewards.com/memberagreement.do Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • c\.evidon\.com
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

65
Requests

95 %
HTTPS

52 %
IPv6

19
Domains

25
Subdomains

25
IPs

5
Countries

1122 kB
Transfer

3285 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.e-rewards.com/memberagreement.do HTTP 301
    https://www.e-rewards.com/memberagreement.do Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://goggles.mw.dynata.com/api/v1/upp/global.js HTTP 302
  • https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
Request Chain 16
  • https://widget.freshworks.com/widgets/73000000940.js HTTP 301
  • https://widget.freshworks.com/widgetBase/bootstrap.js
Request Chain 48
  • https://c.evidon.com/sitenotice/1696/e-rewards/settings.js HTTP 301
  • https://c.evidon.com/sitenotice/1696/e-rewards/settingsV2.js

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request memberagreement.do
www.e-rewards.com/
Redirect Chain
  • http://www.e-rewards.com/memberagreement.do
  • https://www.e-rewards.com/memberagreement.do
129 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
683d56d7dcaf63098ebb768af4f59bf2e8e95b41d29b6e603c48507acc1139a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 05 Oct 2022 05:56:56 GMT
etag
W/"7ebb3e6c9d72f23d3a9e6f6a9444c2e0"
last-modified
Fri, 23 Sep 2022 13:50:16 GMT
server
nginx/1.21.6
vary
Accept-Encoding
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-id
lcg_lUcwDS30_qZg3FSXr912_R8X1Hmi9PfnytJbmXh9-d08Qns1sA==
x-amz-cf-pop
FRA60-P1
x-cache
Error from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:56:56 GMT
Location
https://www.e-rewards.com/memberagreement.do
Server
CloudFront
Via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
X-Amz-Cf-Id
rphY2LqcrwQPtyys9c3RMXMAQyZWYQE_dGK4LqgFbFdexkmcANLOFw==
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Redirect from cloudfront
style.css
www.e-rewards.com/blueprint/dist/stylesheets/ 		97 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/memberagreement.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:07:58 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.057; 0.001; 0.057
x-amz-cf-pop
FRA60-P1
age
86350
etag
"5f04637cf5e4a40ab10b9b2b455dda15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
content-length
16014
x-amz-cf-id
s9uQnQh68SU7UXzsZU_ViB0khMn7obc1QUtHNUDbmRmr-Q0KfFJEjA==
default-content.css
www.e-rewards.com/blueprint/dist/stylesheets/layouts/default/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/stylesheets/layouts/default/default-content.css
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
702a1bce86e29766ac378801b60b23a8bd07c8e342ce074b60ea626e3e2a92a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/memberagreement.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:06:47 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.036; 0.001; 0.035
x-amz-cf-pop
FRA60-P1
age
86350
etag
"91f07fac9b17d801c73f4c564763ce88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
content-length
3467
x-amz-cf-id
FsEdsbr95Kf7Mx6cDYPxolPbmE4mVOzU2IjEY-JvGqW9XQwsL7DfHg==
notFound.css
www.e-rewards.com/blueprint/dist/stylesheets/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/stylesheets/notFound.css
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
6f2ae750b8b91083fe462d13950001c71923cefae2e7a2c6a82e5e87b1b5cc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/memberagreement.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:06:49 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.037; 0.001; 0.036
x-amz-cf-pop
FRA60-P1
age
86350
etag
"4317edb9d606a5a0666dc3dc321498bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
content-length
850
x-amz-cf-id
TXlNeCngGyBZg9z_2ajzr-a69L4cfsxUWL-OzCAbQYCnWeY7xjZdYA==
icons.js
www.e-rewards.com/blueprint/dist/common/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/common/icons.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
151747425d77e68d7139dc374ebb289ee1ddda7dea62727a93be1c91591bde2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/memberagreement.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:05:57 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.031; 0.003; 0.031
x-amz-cf-pop
FRA60-P1
age
86350
etag
"eef7012ca2d30429caa7f4bf34a7c397"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
4041
x-amz-cf-id
r8OXM_xn_T4lOoY_hXclnD92WGGwdrlCiJwsNI5eY9Z0k7tVhrUxYQ==
eRewards.png
darwin-assets.dynata.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://darwin-assets.dynata.com/eRewards.png
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4600:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
940814c81f66bbc6074e23d64a49d45c5946d3e93c5c6807dc6c30f52e99b690

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:37:02 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Wed, 18 Sep 2019 20:53:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3963
etag
"e83a54d1881a6746694f1a237cc2c56d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
20996
x-amz-cf-id
wuM5vQs5WUdOz51MSqZld3CdyArXcIAxC5UCHwfXju8KOgoxxpsFnQ==
eRewards-mobile.png
darwin-assets.dynata.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://darwin-assets.dynata.com/eRewards-mobile.png
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4600:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd1d48c6172c4a60339397890b7687cdcb03b45261d095304888c79e959714fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:37:02 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Mon, 23 Sep 2019 23:36:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3127
etag
"a9b763f281d166afbf0777e5406ea6fd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6541
x-amz-cf-id
NFHYlTy6faztra1IpAelOaOBO-0VrcnrRx6h0LQabJTZSqq0Ty30gA==
global.js
upp-public.s3.amazonaws.com/upp-client/1.2.2/
Redirect Chain
  • https://goggles.mw.dynata.com/api/v1/upp/global.js
  • https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
66 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
HTTP/1.1
Server
52.216.144.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
98e192cd4c0c0ff6fe661f022c0569e05b824392f6b172a6b54ff3233d03837e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:56:58 GMT
Last-Modified
Sat, 23 Jul 2022 20:39:10 GMT
Server
AmazonS3
x-amz-request-id
BGFDEKX2E2TPFNYY
ETag
"2982ac4d3b11fae659fe262fe20ee1b0"
Content-Type
application/javascript
Cache-Control
max-age=2592000,public
Accept-Ranges
bytes
Content-Length
67331
x-amz-id-2
RlMDOy9yUhWjsg1DPhO2qZICl7GrUACI07Yxx/33fygifjVe2gGsGTevNejRJsBQ+STup01NCi8=

Redirect headers

date
Wed, 05 Oct 2022 05:56:57 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/html; charset=utf-8
location
https://upp-public.s3.amazonaws.com/upp-client/1.2.2/global.js?v=1
access-control-allow-origin
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
content-length
110
nectarCanvass2-global.js
www.e-rewards.com/blueprint/dist/packages/ 		617 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/packages/nectarCanvass2-global.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/memberagreement.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:06:36 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.060; 0.000; 0.060
x-amz-cf-pop
FRA60-P1
age
86350
etag
"09b41789e411461aee348f494eb899b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
138128
x-amz-cf-id
4yq4emAOV1oK70UuPmO537tfw9I0hgXXuMWQQ3xfEXCzJZ1pNRkc6g==
defaultLayout.js
www.e-rewards.com/blueprint/dist/apps/defaultLayout/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/apps/defaultLayout/defaultLayout.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
c2e842ed394f4e7535d88f8bd20b33815df788674b008989512efb572ffedf61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/memberagreement.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:05:32 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.068; 0.000; 0.067
x-amz-cf-pop
FRA60-P1
age
86350
etag
"3a2c1410d291ac48982906a964c3d94b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
17933
x-amz-cf-id
uY5zTslIGouvjFKw46tn9MSYGkNsDSwslEL9d47gBIP1pbtL8NHKgg==
layout.js
www.e-rewards.com/blueprint/dist/common/ 		2 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/blueprint/dist/common/layout.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e16b9816ecaf90056fe69adbef5506c6c014c03b4d17826f89f84d19a54ba68e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/memberagreement.do
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 05:57:47 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 03:05:57 GMT
server
nginx/1.21.6
x-stats
@br_1st; 0.033; 0.001; 0.033
x-amz-cf-pop
FRA60-P1
age
86350
etag
"6dcbca8f566059daf429d6ca34263053"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
content-length
608
x-amz-cf-id
uujvckr3MLZeOFB8LIEZSzmkXnXL9TCQvfMYqPMGKPG-IlRLkLMIrA==
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-145.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 01:53:09 GMT
Content-Encoding
gzip
Via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
Last-Modified
Wed, 05 Feb 2020 15:23:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
4680228
ETag
W/"e63788b8657ac52b3cdbb970e551c2a4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=315360000
Connection
keep-alive
X-Amz-Cf-Id
y_FRcG0i_hZm7oxXwS18rz9IEC3-H83V1UPr6g5GSeFaCeBNBG7Lbw==
launch-EN60fd1a01badf4e628a4115339e14d224.min.js
assets.adobedtm.com/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN60fd1a01badf4e628a4115339e14d224.min.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e:284::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
75d814df063980d65abcc223a3c8313d4ebeba9435ddcd7b961cccdd1688539b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:56:57 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 14:52:00 GMT
server
AkamaiNetStorage
etag
"a052f8799a3143cef6b444e408015de8:1648651920.253085"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.e-rewards.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
16632
expires
Wed, 05 Oct 2022 06:56:57 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-48438478-1
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
702df002dd88e4170106890c93522e64fa41d6ae23c6bb83b80ad88c4a979e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42395
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:56:57 GMT
b7da1dbf2d.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/b7da1dbf2d.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96683749d2c3d3d7bd41b1e8fe4ccb72fbdc6d31be4815741cb0c3a471ef3861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
12
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7553eac1bd80bbda-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FxSmDbjLC04eJlwArmuh
campaign.js
darwin-assets.dynata.com/ 		68 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://darwin-assets.dynata.com/campaign.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4600:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85b5e0ac186f64a05b6f8b95e5fb25e8706c05d7f8141449f769b153b11d9933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:45:01 GMT
content-encoding
gzip
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Mon, 28 Jun 2021 20:54:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
80196
x-amz-server-side-encryption
AES256
etag
W/"0d10bee3b51513c3019ffbd71f9045ee"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
772xHFdhF1DbNRkQDZ9GCjwLJNDioWlPSCzZn7ZdIZd26OrnUeAPhA==
global.js
upp-public.s3.amazonaws.com/upp-client/1.1.0/ 		73 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upp-public.s3.amazonaws.com/upp-client/1.1.0/global.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e0253ec10cf55e245b9f78544fdb24b4362dc04d031f1f66081012cbd72230d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:56:58 GMT
Last-Modified
Wed, 01 Sep 2021 19:57:50 GMT
Server
AmazonS3
x-amz-request-id
BGFFQMP504JDZ6HE
ETag
"b40fa8996c08bb7924fcb7308d82b7f6"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
74931
x-amz-id-2
8fG+c1bif+x+2I8oqrwcL4F5lyi8smm3tVrS5hwT9hbY/mcbcmKafSidNg3ZkRxsnOl2kjScfp0=
bootstrap.js
widget.freshworks.com/widgetBase/
Redirect Chain
  • https://widget.freshworks.com/widgets/73000000940.js
  • https://widget.freshworks.com/widgetBase/bootstrap.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/bootstrap.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee44cd411ab8bbae046b53b3e23b1a0bf0c85a547df4707c29d094043624dd4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
KDwZqnQjVPwB11bk6UNpPRzkcpHoPw7O
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 05:55:36 GMT
last-modified
Wed, 21 Sep 2022 03:35:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
82
etag
W/"991532202f20564c613fd227683125ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
IqrFGK2nCCJxFPpzpRFDAlTvUu2vt8_cHuk_B4_dKOkGvVTPH9ZoQQ==

Redirect headers

date
Wed, 05 Oct 2022 05:56:11 GMT
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
47
x-cache
Hit from cloudfront
location
/widgetBase/bootstrap.js
content-length
0
x-amz-cf-id
3KkHccpvFQtwtKmt0ccWrk6X5GvaLqTmGeHTgTNsKdqEj4AN29qn1w==
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce790ebecbb55dffebbaa44622b9c389a00533b410216fb0a12e92ad28917fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 04:58:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:56:57 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.e-rewards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 10:23:17 GMT
x-content-type-options
nosniff
age
70420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 10:23:17 GMT
fontawesome-webfont.woff2
www.e-rewards.com/shared/vendor/font-awesome/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.e-rewards.com/shared/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Origin
https://www.e-rewards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 06:08:23 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jun 2021 14:29:15 GMT
server
nginx/1.21.6
x-stats
@origin; 0.174; 0.001 : 0.002 : 0.002 : 0.001 : 0.001 : 0.000; 0.031 : 0.023 : 0.021 : 0.014 : 0.031 : 0.054
x-amz-cf-pop
FRA60-P1
age
85714
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
max-age=604800
content-length
66624
x-amz-cf-id
oKY5_3dysyME5U9k4-xoaP2oSPqdjFQWIhq-fmH2PSiLeVk2E3mpIw==
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.e-rewards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:22:01 GMT
x-content-type-options
nosniff
age
77696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 08:22:01 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://www.e-rewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 05 Oct 2022 05:56:58 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.e-rewards.com/
Bugsnag-Sent-At
2022-10-05T05:56:57.877Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
f76e95dcd14d705fbc9ef14b67d8d4c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 05 Oct 2022 05:56:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
hotjar-1702204.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1702204.js?sv=6
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-123.fra56.r.cloudfront.net
Software
/
Resource Hash
fe860cbc35aa951ba1f62490405502ab4f77228774138f2ea129bf5acc49dedb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
etag
W/f7109f7957963ca4d930a2ffea4f9868
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ROkshQf5TaMK1hwZIVMsGxT3LjOkjhgXL_43b7zBb9P0fekrTHDUfw==
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=b7da1dbf2d
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
via
1.1 819cd2dd67161d301a9388e0baebb3e4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG50-P2
age
225548
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OUBcouJbjl3KOECnkv7qroW47ftJaGZKK2buGVgPvLT2Jfe4IxJLPnbJEwGXHeI4XKHIFAkmxjocemcrkSXCRIkfNLL297jtSlmxGxw5BMS4t9UC6DqwcBpf7cd4NnEEgi%2FsxEF2gBGi%2FvrkiyYWMlKJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7553eac5ea28918f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
2sCmDdzzR3zuxyXXalcqxZZF-5ssdfZlPQmFqSlvE8Fh6YJdlhsbfg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=b7da1dbf2d
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
1821215
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BY%2BK02xHc9eWNHqbn6ubm6H7bVFcMzj5uN%2FGmETJGKv0PiV9rxRzPkjsvDXauc65ZU9P2rtuqUSGlhl5QDqzYvtQ64dPKi149E84koAcWcAn9R1HtD9lHRNxn7p4ORiHvTOTTOFdKjgzhfT6Bx%2BsBU5tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7553eac5fa2d918f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
vCmE4rXoi0P8efPiTCkBqWm-3eJQ9ckBPKwBcVwHdVhxwyWflr3bJA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=b7da1dbf2d
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
via
1.1 941acf135bdda975383e37976690acc6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG50-P2
age
225548
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1JCSMQpfxv3ZZKpM6nfUq%2Fdm1sABCK4ocuQC%2BVB6u1NCKUaNvMiZHzC46wWUpHZ0e0MXsVI4ej0pCgUh%2BejCrPeDNs3m1OaKArMEeYom0Kn78MDcoK%2Bvhdor2J0eSSeKPJ5HPAW3JzrAq004y1myT2BnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7553eac5fa2a918f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
wM_pidjy2PRp4kz__PsGfrU-IWycEbjbT6UArZiKex_G9_f9qVIsNg==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48438478-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 04:27:31 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5367
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 05 Oct 2022 06:27:31 GMT
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-93.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:46:58 GMT
content-encoding
gzip
via
1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
600
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
D2FdN4q7RzKUiEaTVNGUo7i5I78l07Sym31y9ViVvoY7b45t-v2fMg==
gtm.js
www.googletagmanager.com/ 		149 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLFM7ZQ
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1cf04b05e8fec931d6120f71cac0f5ad45b98051fef30df768fe9d1c15baab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55912
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:56:57 GMT
gtm.js
www.googletagmanager.com/ 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MWBHNQL
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92f5b4fe2623212d2a3adcd3f37434af015ade918449b2371af9ff503780eb73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39253
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:56:57 GMT
73000000940.json
widget.freshworks.com/widgets/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgets/73000000940.json?randomId=0.15585921440324602
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/73000000940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08704cd4341e4868975423d2e5cb401419e8525f51d4124f1a6faa9c43ff2b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
IDi5QaEIR5s2ugDe40pVzxCtIMDN1JBK
content-encoding
gzip
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 05:56:57 GMT
last-modified
Wed, 24 Aug 2022 05:30:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
46
etag
W/"459163073602ec1b082942f835582e55"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
ehb4htRFj3PLOns7fjqf3OOWvEDy1AUaQ9GRQJ0zJ8pyV8CMON1eTw==
config
goggles.mw.dynata.com/api/v1/panel/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://goggles.mw.dynata.com/api/v1/panel/config?panelId=50&locale=en_US&campaignId=0
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.250.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-250-246.compute-1.amazonaws.com
Software
/
Resource Hash
beca0b841439ecad66c06d67aae666878501c28cd78c63add594c9cb8b58531b

Request headers

Accept
*/*
Referer
https://www.e-rewards.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.e-rewards.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
frame.d7ae132c.css
widget.freshworks.com/widgetBase/static/media/ 		1 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/static/media/frame.d7ae132c.css
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/73000000940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-version-id
j5whwB96_vMnwtsuok7nj2eFye31zbxy
last-modified
Wed, 21 Sep 2022 03:33:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1218066
etag
W/"d7ae132c387286735e2e9d369838b0c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=8640000
x-amz-cf-id
SuLVTtPSmpXvyr8VqrQI0swWbMPZsJJfOcWYDSKk9W_XBLoFWfeqYw==
widget.js
widget.freshworks.com/widgetBase/ Frame 4586 		294 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/73000000940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf3d7c09c6f60ad25b09675f259a885789faa56f93832f75a5f6ead5a210b43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
xCrGW9tMv6bE6vC6SbOn_MYX_EkWcUt_
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 05:56:27 GMT
last-modified
Wed, 21 Sep 2022 03:34:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
31
etag
W/"61f0e6bff81de277e4da2b998bf726f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
N8YQd6KWihhpBQTPIesmo0H5xEkN4iNh0NibzwdRF07Tl0Uib-lHRA==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://www.e-rewards.com/
Origin
https://www.e-rewards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:57 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
137462
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WU5Rm%2BIxLL1QwmgC7HyjS5nmVl%2BfzCCGoBSMc8vWrWAXd1%2BSEuR%2FqHLS%2FlXfa0QZ%2FQkWzHTFg2ccvxGBxpfybSpKqnGhjwkEl8sQ9Qe%2B0mp0d%2FdbYRb0A5BpZG0htyXI%2BuXSAWGgP3%2Fd3i%2FsEsevS2iV1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7553eac67abc918f-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
l4BdYmSK9RCUZw9dFsSmTKI4LkXib4i2gpF7RW8V58S5HT0TpUC51g==
modules.cbd9768ba80ba0be5b17.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1702204.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 18:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
40192
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66229
last-modified
Tue, 04 Oct 2022 18:46:48 GMT
etag
"483a48bedf96c50163b542fb95446039"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
MufyeX4I6Nl8YT1ELRqHdFUSZ_M8Za6e-wB3T4B6Bj9M1cA-MTdkDQ==
/
settings.luckyorange.net/ 		129 B
742 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.e-rewards.com%2Fmemberagreement.do&s=201489
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9094c150596de12e4d5a157e2ab23b9319a5ebf715b534d78fa4372e5f99c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.e-rewards.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQDtCyfEw74pCnscAtfw051ihrdkTFH7qdVglO4Eo23Q1W6iW1Y%2BalW2HIc0130uwRYGNxewyCMCegYatleOur6soxedmzOQ6yPBDQZF97%2Fq2HiUKPgen5VZS7G1Z6rv4cyCJgoOswUfUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-credentials
true
cf-ray
7553eac6c95f901f-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
0.1c2c4df3af1f24955f03.widget.js
widget.freshworks.com/widgetBase/ Frame 4586 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/0.1c2c4df3af1f24955f03.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eebb718a7898bfa8dabd53c7b04f06fc4c9e37de7778cf19d29ab2c30eb7e420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-version-id
SZ1JnkQiOZz76nVmdajsQ1dVDwWZlt_f
last-modified
Wed, 21 Sep 2022 03:34:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1218067
etag
W/"9d67e8092feed452dfdb6c990e6724c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
zBNrn6j76EYrGShmriVuNCGGmuanR5ztQIYRmTYX4TuHh8WVDjT6MA==
1.0e8f0237accf8416de7f.widget.js
widget.freshworks.com/widgetBase/ Frame 4586 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/1.0e8f0237accf8416de7f.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-version-id
N6z.2MDtCMemJdNVXxlFNNVDfKUB.SR.
last-modified
Wed, 21 Sep 2022 03:34:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1218067
etag
W/"7c346979da8f0571ca5e101f69a9c6f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
R52oAa6uTfCqcyRUgj5r_mDB8cdpBEL2-w0-9uj9ebW7M40RhE_z5w==
8.11bbb2fbc068c24e2209.widget.js
widget.freshworks.com/widgetBase/ Frame 4586 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/8.11bbb2fbc068c24e2209.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8ead910f0137791246b27c2ffceb67e8472754570113840bf7e8c4e860446da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-version-id
rVFGT60iLKG1Gsh4zMlaCcoNf7TN0xaQ
last-modified
Wed, 21 Sep 2022 03:34:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1218067
etag
W/"a793c15efc5c381a3670f6ebeaff05e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
G_1ANbKUx6GVHjS18Pa_mdrnIApW0qUGYhTCGB86NfGFu5lW_s9rgg==
10.94324fab217fc1ec04d6.widget.js
widget.freshworks.com/widgetBase/ Frame 4586 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/10.94324fab217fc1ec04d6.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9765e2a5cb416fba2b40a4775f7d60a6af704db8799da9bad960a698a5ba2cff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-version-id
WsfL9a.jxjVWj4W8b08Av7JSjoXsVrD_
last-modified
Wed, 21 Sep 2022 03:34:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1218067
etag
W/"47256320c76d88909573c67ab32939e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
x-amz-cf-id
_dutjC31WKHXP_UN0nJCRIfTO07e6pdADc1CoQN2M6RKjbYC7gPdeg==
16.7ec448c965bf78140550.widget.js
widget.freshworks.com/widgetBase/ Frame 4586 		645 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/16.7ec448c965bf78140550.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
223bca8d43d8707a74ccd7526391fe5ac83c702a5c9b7e772bb1ad16644bae02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
x-amz-version-id
zOhP8DnDlO.RnXwL1Dvu69gv9VUOCGic
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 03:34:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1218067
etag
"ae4182d397ed27b1cbd750fc31baf8f0"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=8640000
content-length
645
x-amz-cf-id
nEjfLkCMpX3ALOGa22MN3orpiIKe4j2-KnLW5uWSNxRcap0_wM7-LQ==
styles.5fe92f64.css
widget.freshworks.com/widgetBase/static/media/ Frame 8905 		1 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/static/media/styles.5fe92f64.css
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a3f4874b9624de93233d866964b0157bb391a458e6171cec6ce2f5023b441aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:35:52 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-version-id
A.ZikMfGmwhIcm3AX_up.YCNVeATQxUF
last-modified
Wed, 21 Sep 2022 03:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1218067
etag
W/"5fe92f640f91955b9bd354d6d0e721cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=8640000
x-amz-cf-id
p9SVz6LEWNrrurv9bg8aEB7DrQEJyh1KQPueV_Kjgwqm3nx4gC0p-A==
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 33D2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1702204.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-122.ams1.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.e-rewards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
73730
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:28:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-amz-cf-id
oA-o4eLMx2hSs5v6V7zAV-hFtyj4DPpkmO437_MZfb6NBUMbmoX3gg==
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
x-robots-tag
none
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ae6efcd8bfb917e83cc1025084fc434eb2b3cc82ede1d5144c950d2d24b097ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 19:13:48 GMT
server
AkamaiNetStorage
etag
"372ea9f5b6a9bba9973d9fb327998263:1664910828.091502"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
18994
expires
Fri, 07 Oct 2022 05:56:58 GMT
country.js
c.evidon.com/geo/ 		252 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 23:46:45 GMT
server
AkamaiNetStorage
etag
"61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
174
snthemes.js
c.evidon.com/sitenotice/1696/ 		86 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1696/snthemes.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c07580bcaa038939ed1df3cedcf8831014e9fb136f01059d65217461c1a952a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 10:01:24 GMT
server
AkamaiNetStorage
etag
"d3732f6adb63f67aa3a7926ab008fb33:1662544884.031835"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3865
expires
Fri, 07 Oct 2022 05:56:58 GMT
settingsV2.js
c.evidon.com/sitenotice/1696/e-rewards/
Redirect Chain
  • https://c.evidon.com/sitenotice/1696/e-rewards/settings.js
  • https://c.evidon.com/sitenotice/1696/e-rewards/settingsV2.js
29 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1696/e-rewards/settingsV2.js
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f87b3de6be66a14fe7305db505dd280e52447c74b548fcce46d0c22c19a010ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
last-modified
Fri, 30 Sep 2022 15:17:12 GMT
server
AkamaiNetStorage
etag
"3fa1fb0ebf73e93c56c1c2ba77d38d87:1664551032.485733"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3575
expires
Fri, 07 Oct 2022 05:56:58 GMT

Redirect headers

date
Wed, 05 Oct 2022 05:56:58 GMT
server
AkamaiGHost
vary
Origin
access-control-max-age
108000
access-control-allow-methods
GET,OPTIONS,POST
location
https://c.evidon.com/sitenotice/1696/e-rewards/settingsV2.js
access-control-allow-origin
cache-control
max-age=432000, private;max-age=86400
access-control-allow-headers
*
content-length
0
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EJNQK6G68Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFM7ZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f3ba3caae9836c55387c8a17dbe460d41bcb1620a95548382e25a940b792e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75699
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 05 Oct 2022 05:56:58 GMT
Bootstrap.js
nexus.ensighten.com/choozle/12214/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFM7ZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f6eee008275250a5d785e51e808048ff0d85019c0fe155f07a773d4bdea4f36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 03:18:56 GMT
x-amz-version-id
Wves9fWoeyaDso0HIjRuYUs2ois8PoUy
content-encoding
br
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
2342283
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 12 Aug 2021 15:28:28 GMT
server
AmazonS3
etag
W/"72beaa935fd439fec33703af704232bc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
lU7OOWtDeHFxc2uvaicrQm14tiSYChg5NdQTxcFBSjzV7zs1QL-JjA==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=866971853&t=pageview&_s=1&dl=https%3A%2F%2Fwww.e-rewards.com%2Fmemberagreement.do&ul=en-us&de=UTF-8&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1699590614&gjid=2057254744&cid=1787141844.1664949418&tid=UA-48438478-1&_gid=1066430078.1664949418&_r=1&gtm=2oua30&z=276980450
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.e-rewards.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:56:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
widget.freshworks.com/widgetBase/locales/ Frame 4586 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/locales/en.json
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/10.94324fab217fc1ec04d6.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9030cf65cb69a872c47189a3e1f695c8f2e1522826ab296d7be86b509dc4fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:50:56 GMT
x-amz-version-id
nUpkBUuEc9oD22O10C6gbmbYKvyJ_lV_
content-encoding
gzip
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1217163
x-cache
Hit from cloudfront
last-modified
Wed, 21 Sep 2022 03:33:36 GMT
server
AmazonS3
etag
W/"a4790b4f24ede70e1edeed9ac84b0272"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=8640000
x-amz-cf-id
HtRckZ1IMZdDEvmemj-18jE5BuBLbg-Kpm3dBao6l0zOw-9TvV0VEQ==
en.js
c.evidon.com/sitenotice/1696/translations/ 		146 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1696/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7fb7e5f74b8a29529a400608bebbb41d570b0e3c7c9dfb9ce06d8c9af6b05ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 10:01:23 GMT
server
AkamaiNetStorage
etag
"9d2bf512bce27333a03c74010471dc7c:1662544883.41105"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
9626
expires
Fri, 07 Oct 2022 05:56:58 GMT
collect
region1.analytics.google.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EJNQK6G68Z&gtm=2oea30&_p=866971853&_gaz=1&cid=1787141844.1664949418&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664949418&sct=1&seg=0&dl=https%3A%2F%2Fwww.e-rewards.com%2Fmemberagreement.do&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EJNQK6G68Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:56:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EJNQK6G68Z&cid=1787141844.1664949418&gtm=2oea30&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EJNQK6G68Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:56:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.e-rewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EJNQK6G68Z&cid=1787141844.1664949418&gtm=2oea30&aip=1&z=1346413289
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:56:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
serverComponent.php
nexus.ensighten.com/choozle/12214/ 		282 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/12214/serverComponent.php?r=983982.1108073886&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/12214/code/&publishedOn=Tue%20Sep%2029%2019:51:26%20GMT%202020&ClientID=923&PageID=https%3A%2F%2Fwww.e-rewards.com%2Fmemberagreement.do
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-72.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d9bf6f34ab76422d6e665691ac83d337e1ef962552833c19aa2c70444cc7e978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
content-length
282
x-amz-cf-id
bcUPzK4232oRO1lde2czB-oJqk4xs_8Y5wnHoAE0aRcEpIZHbkevUw==
expires
Wed, 05 Oct 2022 05:56:57 GMT
evidon-barrier.js
c.evidon.com/sitenotice/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68b08a7e42955e19b961db91ee77f52b379ff30253d27dbd573365359757ea4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 19:13:49 GMT
server
AkamaiNetStorage
etag
"ba40b7418481531fdf6163b7d67c407e:1664910829.023625"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3927
expires
Fri, 07 Oct 2022 05:56:58 GMT
2
l.evidon.com/site/v3/1696/61644/3/1/3/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/1696/61644/3/1/3/2?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
63642
l.evidon.com/site/v3/1696/61644/3/1/3/2/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/1696/61644/3/1/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
63642
l.evidon.com/site/v3/1696/61644/3/5/3/2/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/site/v3/1696/61644/3/5/3/2/63642?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: www.e-rewards.com
URL: https://www.e-rewards.com/memberagreement.do
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:56:58 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
77819ac0b9d2bc1d24f7cfdd783cc0d1.js
nexus.ensighten.com/choozle/12214/code/ 		1 KB
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/12214/code/77819ac0b9d2bc1d24f7cfdd783cc0d1.js?conditionId0=421905
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 01:50:02 GMT
x-amz-version-id
_CQctmzxfCDxv2oKiWq42.gWObD7Ymtz
content-encoding
br
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
3125217
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 12 Aug 2021 15:28:31 GMT
server
AmazonS3
etag
W/"0949f3a716d0a13aa5549a4c9f56c7c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
gwCYSLU2EtnNG-PTVtS4hcTH75jzKrk9BZtbx3LnA3gGLnaOcx7x8w==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=866971853&t=timing&_s=2&dl=https%3A%2F%2Fwww.e-rewards.com%2Fmemberagreement.do&ul=en-us&de=UTF-8&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2418&pdt=7&dns=0&rrt=146&srt=682&tcp=28&dit=1773&clt=1774&_gst=1742&_gbt=1967&_cst=1733&_cbt=1738&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1787141844.1664949418&tid=UA-48438478-1&_gid=1066430078.1664949418&gtm=2oua30&z=2077600741
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.e-rewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 08:01:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| svg undefined| cssBlob undefined| style object| corona object| UPP function| $ function| jQuery function| _ object| angular object| googleCaptchaCompleted function| captchaReadyCallback function| formatPoints object| SiteNotification function| bugsnag object| bugsnagClient object| _satellite boolean| __satelliteLoaded function| gtag object| dataLayer function| hj object| _hjSettings object| FontAwesomeKitConfig object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| getUrlParameter string| utm string| medium string| campaign number| __lo_site_id function| openHelpWidget object| fwSettings function| FreshworksWidget number| respondentInfoReady function| initFreshWiidget undefined| freshHelpReady undefined| iFreshWiidget object| FwBootstrap function| contractMode object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules boolean| __lo_csr_added object| evidon object| gaplugins object| gaGlobal object| gaData object| ensBootstraps object| Bootstrapper function| onYouTubeIframeAPIReady string| bucketid

10 Cookies

Domain/Path Name / Value
.e-rewards.com/ Name: _gcl_au
Value: 1.1.1187704911.1664949418
.e-rewards.com/ Name: _gid
Value: GA1.2.1066430078.1664949418
.e-rewards.com/ Name: _gat_gtag_UA_48438478_1
Value: 1
.e-rewards.com/ Name: _hjSessionUser_1702204
Value: eyJpZCI6IjJjYWQyNjU0LWEyN2YtNTk1OS1iZGJjLTQ4NjAyNWU5YzdkYyIsImNyZWF0ZWQiOjE2NjQ5NDk0MTgxMDIsImV4aXN0aW5nIjpmYWxzZX0=
.e-rewards.com/ Name: _hjFirstSeen
Value: 1
www.e-rewards.com/ Name: _hjIncludedInSessionSample
Value: 0
.e-rewards.com/ Name: _hjSession_1702204
Value: eyJpZCI6IjZiNTQyMTQ4LWRmMTctNDQ0OS05NDRlLWVjNmQ0MDI4Y2YxMiIsImNyZWF0ZWQiOjE2NjQ5NDk0MTgxODgsImluU2FtcGxlIjpmYWxzZX0=
.e-rewards.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.e-rewards.com/ Name: _ga_EJNQK6G68Z
Value: GS1.1.1664949418.1.0.1664949418.60.0.0
.e-rewards.com/ Name: _ga
Value: GA1.1.1787141844.1664949418

1 Console Messages

Source Level URL
Text
network error URL: https://www.e-rewards.com/memberagreement.do
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
c.evidon.com
d10lpsik1i8c69.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
darwin-assets.dynata.com
fonts.googleapis.com
fonts.gstatic.com
goggles.mw.dynata.com
ka-f.fontawesome.com
kit.fontawesome.com
l.evidon.com
nexus.ensighten.com
region1.analytics.google.com
script.hotjar.com
sessions.bugsnag.com
settings.luckyorange.net
static.hotjar.com
stats.g.doubleclick.net
upp-public.s3.amazonaws.com
vars.hotjar.com
widget.freshworks.com
www.e-rewards.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
13.32.27.19
172.67.75.100
2001:4860:4802:34::36
23.205.241.144
2600:1901:0:7a0b::
2600:9000:214f:4600:17:5070:d6c0:93a1
2600:9000:236e:8000:3:68f9:62c0:93a1
2606:4700::6812:1634
2606:4700:e6::ac40:ca1c
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9d
2a00:1450:400d:80d::2003
2a00:1450:400d:80e::200e
2a02:26f0:10e:284::1e80
34.205.216.121
34.228.250.246
52.216.144.131
52.222.137.93
65.9.66.123
65.9.66.72
65.9.66.9
65.9.86.122
99.86.1.145
08704cd4341e4868975423d2e5cb401419e8525f51d4124f1a6faa9c43ff2b28
0a9094c150596de12e4d5a157e2ab23b9319a5ebf715b534d78fa4372e5f99c0
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0f3ba3caae9836c55387c8a17dbe460d41bcb1620a95548382e25a940b792e77
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
151747425d77e68d7139dc374ebb289ee1ddda7dea62727a93be1c91591bde2d
223bca8d43d8707a74ccd7526391fe5ac83c702a5c9b7e772bb1ad16644bae02
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3c07580bcaa038939ed1df3cedcf8831014e9fb136f01059d65217461c1a952a
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
5f6eee008275250a5d785e51e808048ff0d85019c0fe155f07a773d4bdea4f36
683d56d7dcaf63098ebb768af4f59bf2e8e95b41d29b6e603c48507acc1139a3
68b08a7e42955e19b961db91ee77f52b379ff30253d27dbd573365359757ea4e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6beaa737a07b2cdd82921ee0c8f09b66a177140265905ce32c1ef9c1dfb59272
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6f2ae750b8b91083fe462d13950001c71923cefae2e7a2c6a82e5e87b1b5cc63
702a1bce86e29766ac378801b60b23a8bd07c8e342ce074b60ea626e3e2a92a6
702df002dd88e4170106890c93522e64fa41d6ae23c6bb83b80ad88c4a979e43
75d814df063980d65abcc223a3c8313d4ebeba9435ddcd7b961cccdd1688539b
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7fb7e5f74b8a29529a400608bebbb41d570b0e3c7c9dfb9ce06d8c9af6b05ce8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b5e0ac186f64a05b6f8b95e5fb25e8706c05d7f8141449f769b153b11d9933
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92f5b4fe2623212d2a3adcd3f37434af015ade918449b2371af9ff503780eb73
940814c81f66bbc6074e23d64a49d45c5946d3e93c5c6807dc6c30f52e99b690
96683749d2c3d3d7bd41b1e8fe4ccb72fbdc6d31be4815741cb0c3a471ef3861
9765e2a5cb416fba2b40a4775f7d60a6af704db8799da9bad960a698a5ba2cff
98e192cd4c0c0ff6fe661f022c0569e05b824392f6b172a6b54ff3233d03837e
9a3f4874b9624de93233d866964b0157bb391a458e6171cec6ce2f5023b441aa
ae6efcd8bfb917e83cc1025084fc434eb2b3cc82ede1d5144c950d2d24b097ac
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42
beca0b841439ecad66c06d67aae666878501c28cd78c63add594c9cb8b58531b
bf3d7c09c6f60ad25b09675f259a885789faa56f93832f75a5f6ead5a210b43e
bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369
c1cf04b05e8fec931d6120f71cac0f5ad45b98051fef30df768fe9d1c15baab4
c2e842ed394f4e7535d88f8bd20b33815df788674b008989512efb572ffedf61
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c8ead910f0137791246b27c2ffceb67e8472754570113840bf7e8c4e860446da
ce790ebecbb55dffebbaa44622b9c389a00533b410216fb0a12e92ad28917fdb
cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0
d9030cf65cb69a872c47189a3e1f695c8f2e1522826ab296d7be86b509dc4fd3
d9bf6f34ab76422d6e665691ac83d337e1ef962552833c19aa2c70444cc7e978
e0253ec10cf55e245b9f78544fdb24b4362dc04d031f1f66081012cbd72230d2
e16b9816ecaf90056fe69adbef5506c6c014c03b4d17826f89f84d19a54ba68e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee44cd411ab8bbae046b53b3e23b1a0bf0c85a547df4707c29d094043624dd4b
eebb718a7898bfa8dabd53c7b04f06fc4c9e37de7778cf19d29ab2c30eb7e420
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f87b3de6be66a14fe7305db505dd280e52447c74b548fcce46d0c22c19a010ea
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd1d48c6172c4a60339397890b7687cdcb03b45261d095304888c79e959714fb
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576
fe860cbc35aa951ba1f62490405502ab4f77228774138f2ea129bf5acc49dedb
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995