rewards.mydigitalcard.com Open in urlscan Pro
2606:4700::6810:1dee  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request c71be6c3-4f56-4d1a-a680-43b2abe5cecb Show response rewards.mydigitalcard.com/vw/v0.1/trigger/	1 KB 1 KB	668ms 428ms	Document text/html	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8becc2095fb27fc65ed749eb3423db51fc1d07f5f9f2a6ac14df6c7dedf8a4a4 Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority rewards.mydigitalcard.com :scheme https :path /vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 date Mon, 05 Aug 2019 18:02:55 GMT content-type text/html set-cookie __cfduid=d29f0c4e4c94f8525c166f773313dd27c1565028174; expires=Tue, 04-Aug-20 18:02:54 GMT; path=/; domain=.rewards.mydigitalcard.com; HttpOnly; Secure last-modified Thu, 18 Jul 2019 10:29:42 GMT x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff content-security-policy default-src 'self' www.gstatic.com www.google.com; referrer-policy same-origin feature-policy sync-xhr 'self'; encrypted-media 'self' strict-transport-security max-age=15552000; includeSubDomains expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 501aaf4d6dbee007-FRA content-encoding gzip
GET H2	200	style.css rewards.mydigitalcard.com/static/css/	187 KB 29 KB	26ms 24ms	Stylesheet text/css	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/static/css/style.css?t=1563442608215 Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 806396e0e90f9c44771985ad339867b421605b07bb0e2cb826ba014fe6e771b0 Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 1 status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 18 Jul 2019 10:12:47 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5d30461f-2ea98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type text/css cache-control public, max-age=14400 feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy default-src 'self' www.gstatic.com www.google.com; cf-ray 501aaf502944e007-FRA expires Mon, 05 Aug 2019 22:02:55 GMT
GET H2	200	font-awesome.min.css rewards.mydigitalcard.com/static/fonts/font-awesome/css/	30 KB 7 KB	22ms 20ms	Stylesheet text/css	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/static/fonts/font-awesome/css/font-awesome.min.css Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2 status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 18 Jul 2019 10:12:47 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5d30461f-7918" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type text/css cache-control public, max-age=14400 feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy default-src 'self' www.gstatic.com www.google.com; cf-ray 501aaf502947e007-FRA expires Mon, 05 Aug 2019 22:02:55 GMT
GET H2	200	stylesheet.css rewards.mydigitalcard.com/static/fonts/pt-sans/	2 KB 555 B	21ms 20ms	Stylesheet text/css	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/static/fonts/pt-sans/stylesheet.css Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 4b49a8154f628afa7f2b37f71864e81744cc59beba1bdaca2528184fc59a5e3c Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 1 status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 18 Jul 2019 10:29:42 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5d304a16-7b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type text/css cache-control public, max-age=14400 feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy default-src 'self' www.gstatic.com www.google.com; cf-ray 501aaf502948e007-FRA expires Mon, 05 Aug 2019 22:02:55 GMT
GET H2	200	bundle.min.js Show response rewards.mydigitalcard.com/static/js/	725 KB 213 KB	24ms 23ms	Script application/javascript	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/static/js/bundle.min.js?t=1563442608215 Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 06f14ebb2138207f211a4523b1d241804f90217cb256275fcf5886fee1e149cf Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2 status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 18 Jul 2019 10:29:42 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5d304a16-b520f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript cache-control public, max-age=14400 feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy default-src 'self' www.gstatic.com www.google.com; cf-ray 501aaf50294ae007-FRA expires Mon, 05 Aug 2019 22:02:55 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	844 B 722 B	30ms 16ms	Script text/javascript	2a00:1450:4001:816::2004 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software GSE / Resource Hash 80a7f74c2a650abc818a2d40bb4da9a045073ea0c67519b5388c39a37b2911cc Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:55 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 472 x-xss-protection 1; mode=block expires Mon, 05 Aug 2019 18:02:55 GMT
GET H2	200	background.jpg rewards.mydigitalcard.com/static/images/	107 KB 107 KB	21ms 21ms	Image image/jpeg	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://rewards.mydigitalcard.com/static/images/background.jpg Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 755bba64eb72409ae704ba584ca71c2f7373e2a21f4e3502b6a53fcb32e65e6d Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://rewards.mydigitalcard.com/static/css/style.css?t=1563442608215 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:55 GMT x-content-type-options nosniff cf-cache-status HIT age 0 status 200 vary Accept-Encoding content-length 109720 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 18 Jul 2019 10:12:47 GMT server cloudflare x-frame-options SAMEORIGIN etag "5d30461f-1ac98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type image/jpeg cache-control public, max-age=14400 feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy default-src 'self' www.gstatic.com www.google.com; accept-ranges bytes cf-ray 501aaf505a35e007-FRA expires Mon, 05 Aug 2019 22:02:55 GMT
GET H2	200	pt-sans-v9-latin-regular.woff2 rewards.mydigitalcard.com/static/fonts/pt-sans/	44 KB 44 KB	23ms 23ms	Font font/woff2	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/static/fonts/pt-sans/pt-sans-v9-latin-regular.woff2 Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1 Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://rewards.mydigitalcard.com/static/fonts/pt-sans/stylesheet.css Origin https://rewards.mydigitalcard.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:55 GMT x-content-type-options nosniff cf-cache-status HIT age 0 status 200 vary Accept-Encoding content-length 45052 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 18 Jul 2019 10:29:42 GMT server cloudflare x-frame-options SAMEORIGIN etag "5d304a16-affc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type font/woff2 cache-control public, max-age=14400 feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy default-src 'self' www.gstatic.com www.google.com; accept-ranges bytes cf-ray 501aaf505a36e007-FRA expires Mon, 05 Aug 2019 22:02:55 GMT
GET H2	403	account Show response rewards.mydigitalcard.com/api/v0.1/	0 211 B	388ms 388ms	XHR text/html	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/api/v0.1/account Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/static/js/bundle.min.js?t=1563442608215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy block-all-mixed-content, default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options DENY, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode cors Response headers date Mon, 05 Aug 2019 18:02:55 GMT content-encoding gzip x-content-type-options nosniff, nosniff status 403 vary Cookie x-xss-protection 1; mode=block, 1; mode=block pragma no-cache referrer-policy strict-origin-when-cross-origin, same-origin server cloudflare x-frame-options DENY, SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type text/html; charset=utf-8 cache-control no-cache, max-age=0, must-revalidate, no-store feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy block-all-mixed-content, default-src 'self' www.gstatic.com www.google.com; cf-ray 501aaf50fc94e007-FRA
GET H2	200	logo.png rewards.mydigitalcard.com/static/images/	17 KB 18 KB	23ms 23ms	Image image/png	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://rewards.mydigitalcard.com/static/images/logo.png Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash aeb7ccb72ad2d1db5dd3e4a28606303a7b4ca26a4a6984a9f81e634fbb74ebe5 Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:55 GMT x-content-type-options nosniff cf-cache-status HIT age 1 status 200 vary Accept-Encoding content-length 17903 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 18 Jul 2019 10:12:47 GMT server cloudflare x-frame-options SAMEORIGIN etag "5d30461f-45ef" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type image/png cache-control public, max-age=14400 feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy default-src 'self' www.gstatic.com www.google.com; accept-ranges bytes cf-ray 501aaf50fc9ae007-FRA expires Mon, 05 Aug 2019 22:02:55 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/api2/v1563777128698/	263 KB 92 KB	18ms 6ms	Script text/javascript	2a00:1450:4001:81a::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/api2/v1563777128698/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash d3aeafa2a7a1cc171df8d7311d7ae69916a46ca07e67151b55e1ee24dc8871bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 22 Jul 2019 21:28:29 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Jul 2019 17:45:00 GMT server sffe age 1197266 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 94063 x-xss-protection 0 expires Tue, 21 Jul 2020 21:28:29 GMT
GET H2	200	fontawesome-webfont.woff2 rewards.mydigitalcard.com/static/fonts/font-awesome/fonts/	75 KB 76 KB	501ms 501ms	Font font/woff2	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/static/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/static/js/bundle.min.js?t=1563442608215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Content-Security-Policy default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://rewards.mydigitalcard.com/static/fonts/font-awesome/css/font-awesome.min.css Origin https://rewards.mydigitalcard.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 05 Aug 2019 18:02:56 GMT x-content-type-options nosniff cf-cache-status MISS status 200 vary Accept-Encoding content-length 77160 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 18 Jul 2019 10:12:47 GMT server cloudflare x-frame-options SAMEORIGIN etag "5d30461f-12d68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type font/woff2 cache-control public, max-age=14400 feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy default-src 'self' www.gstatic.com www.google.com; accept-ranges bytes cf-ray 501aaf537f8be007-FRA expires Mon, 05 Aug 2019 22:02:56 GMT
GET H2	200	logout Show response rewards.mydigitalcard.com/api/v0.1/	17 B 121 B	115ms 115ms	XHR application/json	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/api/v0.1/logout Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/static/js/bundle.min.js?t=1563442608215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4 Security Headers Name Value Content-Security-Policy block-all-mixed-content, default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options DENY, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode cors Response headers date Mon, 05 Aug 2019 18:02:56 GMT x-content-type-options nosniff, nosniff status 200 strict-transport-security max-age=15552000; includeSubDomains content-length 17 x-xss-protection 1; mode=block, 1; mode=block pragma no-cache referrer-policy strict-origin-when-cross-origin, same-origin server cloudflare x-frame-options DENY, SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Cookie content-type application/json cache-control no-cache, max-age=0, must-revalidate, no-store feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy block-all-mixed-content, default-src 'self' www.gstatic.com www.google.com; cf-ray 501aaf538fb0e007-FRA
POST H2	200	trigger Show response rewards.mydigitalcard.com/api/v0.1/	74 B 164 B	435ms 434ms	XHR application/json	2606:4700::6810:1dee Cloudflare
General Check archive.org Show headers Download Go to Full URL https://rewards.mydigitalcard.com/api/v0.1/trigger Requested by Host: rewards.mydigitalcard.com URL: https://rewards.mydigitalcard.com/static/js/bundle.min.js?t=1563442608215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:1dee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 5bac10d12ec890c7d302738366771669ae00a93b36c37f4ff8c16cb2da6c538e Security Headers Name Value Content-Security-Policy block-all-mixed-content, default-src 'self' www.gstatic.com www.google.com; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options DENY, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://rewards.mydigitalcard.com/vw/v0.1/trigger/c71be6c3-4f56-4d1a-a680-43b2abe5cecb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode cors Content-Type application/json;charset=UTF-8 Response headers date Mon, 05 Aug 2019 18:02:56 GMT content-encoding gzip x-content-type-options nosniff, nosniff status 200 vary Cookie x-xss-protection 1; mode=block, 1; mode=block pragma no-cache referrer-policy strict-origin-when-cross-origin, same-origin server cloudflare x-frame-options DENY, SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains content-type application/json cache-control no-cache, max-age=0, must-revalidate, no-store feature-policy sync-xhr 'self'; encrypted-media 'self' content-security-policy block-all-mixed-content, default-src 'self' www.gstatic.com www.google.com; cf-ray 501aaf53b86be007-FRA

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| _typeof function| vueRecaptchaApiLoaded object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| user object| __SENTRY__ object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rewards.mydigitalcard.com/	1970-01-19 11:29:24	Name: __cfduid Value: d29f0c4e4c94f8525c166f773313dd27c1565028174

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' www.gstatic.com www.google.com;
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rewards.mydigitalcard.com
www.google.com
www.gstatic.com
2606:4700::6810:1dee
2a00:1450:4001:816::2004
2a00:1450:4001:81a::2003
06f14ebb2138207f211a4523b1d241804f90217cb256275fcf5886fee1e149cf
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4b49a8154f628afa7f2b37f71864e81744cc59beba1bdaca2528184fc59a5e3c
5bac10d12ec890c7d302738366771669ae00a93b36c37f4ff8c16cb2da6c538e
755bba64eb72409ae704ba584ca71c2f7373e2a21f4e3502b6a53fcb32e65e6d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
806396e0e90f9c44771985ad339867b421605b07bb0e2cb826ba014fe6e771b0
80a7f74c2a650abc818a2d40bb4da9a045073ea0c67519b5388c39a37b2911cc
8becc2095fb27fc65ed749eb3423db51fc1d07f5f9f2a6ac14df6c7dedf8a4a4
aeb7ccb72ad2d1db5dd3e4a28606303a7b4ca26a4a6984a9f81e634fbb74ebe5
d3aeafa2a7a1cc171df8d7311d7ae69916a46ca07e67151b55e1ee24dc8871bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4