urlscan.io logo urlscan.io
SecurityTrails logo

rewards.cariboucoffee.com Open in urlscan Pro
168.61.148.226  Public Scan

Go To Rescan Add Verdict Report
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Submission: On April 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 68 HTTP transactions. The main IP is 168.61.148.226, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rewards.cariboucoffee.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 10th 2022. Valid for: a year.
This is the only time rewards.cariboucoffee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 168.61.148.226 8075 (MICROSOFT...)
13 2606:2800:233... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
14 2620:1ec:46::44 8068 (MICROSOFT...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 34.211.154.151 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 152.199.19.160 15133 (EDGECAST)
2 2620:1ec:bdf::44 8068 (MICROSOFT...)
1 40.79.189.58 8075 (MICROSOFT...)
68 22
1    168.61.148.226 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rewards.cariboucoffee.com
13    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
assets.coffeeandbagels-static.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
14    2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
oc-cdn-ocprod.azureedge.net
ocsdk-prod.azureedge.net
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    34.211.154.151 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-154-151.us-west-2.compute.amazonaws.com
api.userway.org
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
cdn.botframework.com
2    2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
comms.omnichannelengagementhub.com
1    40.79.189.58 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Apex Domain
Subdomains		 Transfer
14 azureedge.net
oc-cdn-ocprod.azureedge.net — Cisco Umbrella Rank: 61411
ocsdk-prod.azureedge.net
389 KB
13 coffeeandbagels-static.com
assets.coffeeandbagels-static.com — Cisco Umbrella Rank: 558674
291 KB
9 userway.org
cdn.userway.org — Cisco Umbrella Rank: 5551
api.userway.org — Cisco Umbrella Rank: 5445
82 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
342 KB
4 google.com
play.google.com — Cisco Umbrella Rank: 31
www.google.com — Cisco Umbrella Rank: 4
15 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2004
22 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
501 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5383
608 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
518 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
114 KB
1 omnichannelengagementhub.com
comms.omnichannelengagementhub.com
orgefb603ce-crm.omnichannelengagementhub.com Failed
5 KB
1 microsoft.com
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 151
398 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3371
38 KB
1 botframework.com
cdn.botframework.com — Cisco Umbrella Rank: 22963
808 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
42 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2388
15 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 647
24 KB
1 cariboucoffee.com
rewards.cariboucoffee.com
6 KB
68 19
Domain Requested by
13 oc-cdn-ocprod.azureedge.net rewards.cariboucoffee.com
oc-cdn-ocprod.azureedge.net
13 assets.coffeeandbagels-static.com rewards.cariboucoffee.com
assets.coffeeandbagels-static.com
7 cdn.userway.org rewards.cariboucoffee.com
cdn.userway.org
4 www.gstatic.com www.recaptcha.net
www.gstatic.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
rewards.cariboucoffee.com
3 www.recaptcha.net rewards.cariboucoffee.com
www.gstatic.com
www.recaptcha.net
2 www.facebook.com rewards.cariboucoffee.com
2 www.google.de rewards.cariboucoffee.com
2 www.google.com rewards.cariboucoffee.com
2 stats.g.doubleclick.net www.google-analytics.com
2 fonts.gstatic.com www.recaptcha.net
2 api.userway.org cdn.userway.org
2 connect.facebook.net rewards.cariboucoffee.com
connect.facebook.net
2 play.google.com 1 redirects rewards.cariboucoffee.com
1 ocsdk-prod.azureedge.net oc-cdn-ocprod.azureedge.net
1 comms.omnichannelengagementhub.com oc-cdn-ocprod.azureedge.net
1 browser.pipe.aria.microsoft.com oc-cdn-ocprod.azureedge.net
1 js.monitor.azure.com oc-cdn-ocprod.azureedge.net
1 cdn.botframework.com oc-cdn-ocprod.azureedge.net
1 www.googletagmanager.com rewards.cariboucoffee.com
1 stackpath.bootstrapcdn.com rewards.cariboucoffee.com
1 code.jquery.com rewards.cariboucoffee.com
1 rewards.cariboucoffee.com
0 orgefb603ce-crm.omnichannelengagementhub.com Failed ocsdk-prod.azureedge.net
68 24
Subject Issuer Validity Valid
*.cariboucoffee.com
Go Daddy Secure Certificate Authority - G2		 2022-01-10 -
2023-01-08		 a year crt.sh
sni7281gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-17 -
2022-10-18		 a year crt.sh
misc.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.azureedge.net
Microsoft Azure TLS Issuing CA 05		 2022-03-25 -
2023-03-20		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
1667503734.rsc.cdn77.org
R3		 2022-03-17 -
2022-06-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-22 -
2022-04-22		 3 months crt.sh
api.userway.org
Amazon		 2021-11-02 -
2022-11-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 02		 2022-03-27 -
2023-03-22		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-03-02 -
2023-02-25		 a year crt.sh
comms.omnichannelengagementhub.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-08 -
2022-09-08		 a year crt.sh

This page contains 3 frames:

Primary Page: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Frame ID: 02781E332F45BA33E275BB861B511B7C
Requests: 44 HTTP requests in this frame

Frame: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
Frame ID: BF9176C04F77E16B2B57AF630F183204
Requests: 17 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5&co=aHR0cHM6Ly9yZXdhcmRzLmNhcmlib3Vjb2ZmZWUuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=tyl8pzgupxb6
Frame ID: 9B2BABF7009839BA32305139622D5884
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Claim your gift here! - Caribou Perks

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

97 %
HTTPS

81 %
IPv6

19
Domains

24
Subdomains

22
IPs

5
Countries

2215 kB
Transfer

7647 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png HTTP 302
  • https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cf713991-6199-4f2c-a572-2b390b00d71a
rewards.cariboucoffee.com/claim-reward/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.61.148.226 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8060d730be4a3ed1536060acdad7301e232585a18544f7537362c3ce69c69377
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Content-Encoding
gzip
Content-Length
4937
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Apr 2022 17:44:51 GMT
ETag
W/"3ae7-ZQedR1UtyFAnn1GUzeL1FZlIKFw"
Expires
0
Keep-Alive
timeout=5
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=15552000; includeSubDomains
Surrogate-Control
no-store
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
request-context
appId=cid-v1:a799e960-04d3-46c9-91ee-4cd79f5ae436
caribou.min.css
assets.coffeeandbagels-static.com/rewards/stylesheets/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.coffeeandbagels-static.com/rewards/stylesheets/caribou.min.css?v=9e102e9a69a325bad1bcbf7091803cc3
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA9) /
Resource Hash
1e50f1f54c9c5907ded720df9728f5a7c61323ca3dbf92e2fb027fe3003a0257

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
gzip
content-md5
nhAummmjJbrRvL9wkYA8ww==
age
379321
x-cache
HIT
content-length
7813
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6CA9)
etag
0x8D9FCA1CCF9258B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f744d248-301e-005b-1a7d-4d679c000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
enterprise.js
www.recaptcha.net/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
26fae406d5b6f1d45d59b454c8d8e0fdc94bf0ad9e01d73f2b98bdccebeaba98
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
626
x-xss-protection
1; mode=block
expires
Fri, 15 Apr 2022 17:44:52 GMT
logo-caribou.png
assets.coffeeandbagels-static.com/rewards/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.coffeeandbagels-static.com/rewards/images/logo-caribou.png
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C14) /
Resource Hash
5c80624b8061dd14b732abd937e2c2bec66ee952f297b44fba6f4a7be52f3421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
ADxCMI2c82Tu8E5LWKLQ+g==
age
379321
x-cache
HIT
content-length
2706
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6C14)
etag
0x8D9FCA1CCE32FD1
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3b060634-201e-0025-057d-4df7db000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
caribou-program-logo.png
assets.coffeeandbagels-static.com/rewards/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.coffeeandbagels-static.com/rewards/images/caribou-program-logo.png
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C89) /
Resource Hash
95d81e4ffe7e95ac9ef3f03e275f105beaa01a1a6a730dacfef0a5960b495254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
htXHSOkmFKTKQD6jn0N2gg==
age
379321
x-cache
HIT
content-length
20897
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6C89)
etag
0x8D9FCA1CCDFFBF8
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9e6c23b3-b01e-0045-6c7d-4d8b44000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
MobilePay-App_70x70.jpg
assets.coffeeandbagels-static.com/rewards/images/caribou/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.coffeeandbagels-static.com/rewards/images/caribou/MobilePay-App_70x70.jpg
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9F) /
Resource Hash
13b65e91f908dde622ed8afb09fc0543107fe19e6aed1911e5aaf2e42f7726dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
b816smbpZUUm0cABGfYq7Q==
age
379321
x-cache
HIT
content-length
5715
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6C9F)
etag
0x8D9FCA1CCEE51B7
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
1288c979-501e-003f-347d-4d9604000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
MoreVisits-MorePerks_70x70.jpg
assets.coffeeandbagels-static.com/rewards/images/caribou/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.coffeeandbagels-static.com/rewards/images/caribou/MoreVisits-MorePerks_70x70.jpg
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C43) /
Resource Hash
3c71c19baf38525f5559ba9c08e9b432e211c9dff235543eb4731f192b4df5ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
GUkbcC4fTaTikLMT1iGNfw==
age
379321
x-cache
HIT
content-length
5050
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6C43)
etag
0x8D9FCA1CCF11069
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
22d56cf7-501e-0000-5e7d-4d5ea7000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
MedDrinkOnUs_70x70.jpg
assets.coffeeandbagels-static.com/rewards/images/caribou/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.coffeeandbagels-static.com/rewards/images/caribou/MedDrinkOnUs_70x70.jpg
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9C) /
Resource Hash
fa31c1b2de2ac7213e359e105402e5aa6e716be910d2f832e3871ba896664883

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
mj6uMOPZQWMAXkQQH3TBzA==
age
379321
x-cache
HIT
content-length
5833
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6C9C)
etag
0x8D9FCA1CCED6776
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
b1a7bf24-001e-001d-427d-4d531b000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
Bou-Day_70x70.jpg
assets.coffeeandbagels-static.com/rewards/images/caribou/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.coffeeandbagels-static.com/rewards/images/caribou/Bou-Day_70x70.jpg
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CB9) /
Resource Hash
c96d16789c7907add66ef3a490d6d014f7c46ec85b009bec3a59165f583a661f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
O0LRBoo3u7/HVvY1Eir1xQ==
age
379321
x-cache
HIT
content-length
4760
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6CB9)
etag
0x8D9FCA1CCE8AD3A
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
bd60a533-001e-0032-4c7d-4d5ed0000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
1stLookForMembers_70x70.jpg
assets.coffeeandbagels-static.com/rewards/images/caribou/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.coffeeandbagels-static.com/rewards/images/caribou/1stLookForMembers_70x70.jpg
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BAC) /
Resource Hash
abab82d9c0930768326b742c1b883f02c5acd08441100e0121a3468e56db7bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
Qz2bbmmj2HbmcRUoiIUO3g==
age
379321
x-cache
HIT
content-length
6108
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6BAC)
etag
0x8D9FCA1CCE88630
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
6be2d3b4-201e-0035-187d-4d32b3000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/
Redirect Chain
  • https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png
  • https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 05:15:00 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to
{"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type
image/png
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13957
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="uxe-owners-acl/play_google"
expires
Fri, 15 Apr 2022 17:44:52 GMT

Redirect headers

date
Fri, 15 Apr 2022 17:44:52 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
x-xss-protection
0
appstore.png
assets.coffeeandbagels-static.com/rewards/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.coffeeandbagels-static.com/rewards/images/appstore.png
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0D) /
Resource Hash
420105fb15a6b3dd7cf362e8d81d397a6372905c8054394687ce4382b8b7611c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
GOYPmE1dqyiglryHQj+vKQ==
age
379321
x-cache
HIT
content-length
10001
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6C0D)
etag
0x8D9FCA1CCDD1632
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a81c008e-c01e-0012-527d-4d2577000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
LiveChatBootstrapper.js
oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/ 		79 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
90bba60f8cf5fd1b759426faf322a0653b4bea3e60873db2a66d1bdb656d8b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:51 GMT
content-encoding
br
x-azure-ref-originshield
0FfNYYgAAAACCL2T6FiYqTrTndVyK5fDjQU1TMDRFREdFMTgxNQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
9Ywipe3+Sc+sE6W88qN2tQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917EBEDA321
x-azure-ref
0FK9ZYgAAAADahRC6Wpr9QbC4Z3PE5g/CRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4ebbda70-d01e-0146-58d6-4e5ad4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
jquery-3.3.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer
https://rewards.cariboucoffee.com/
Origin
https://rewards.cariboucoffee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1111d"
vary
Accept-Encoding
x-hw
1650044692.dop102.fr8.t,1650044692.cds252.fr8.hn,1650044692.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24038
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rewards.cariboucoffee.com/
Origin
https://rewards.cariboucoffee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
access-control-allow-origin
*
cdn-cachedat
02/05/2022 16:58:08
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:07 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
27825f9a414ddedb7247e2b151266e3d
cf-ray
6fc67de03f2c2373-ZRH
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
bundle.3553a1ee35f7f62f56e6.js
assets.coffeeandbagels-static.com/rewards/javascripts/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.coffeeandbagels-static.com/rewards/javascripts/bundle.3553a1ee35f7f62f56e6.js
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C04) /
Resource Hash
d6db53c7dbf1d54218584a90b603822c9ec44f018f29b2ba01641af99e76cb28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
gzip
content-md5
D6h+/0Pkp1AVlpbs6SA2iQ==
age
379321
x-cache
HIT
content-length
6418
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (mil/6C04)
etag
0x8D9FCA1CCF38118
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
180ecacd-f01e-0054-767d-4d11f0000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rewards.cariboucoffee.com/
Origin
https://rewards.cariboucoffee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 17:43:31 GMT
gtm.js
www.googletagmanager.com/ 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQTT4RL
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36965ee462e0aa8ed300d4d0a808b594c734113d9dc61d11b231b0105bf7b5d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42079
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 17:44:52 GMT
NeutrafaceTextBold.woff2
assets.coffeeandbagels-static.com/rewards/fonts/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.coffeeandbagels-static.com/rewards/fonts/NeutrafaceTextBold.woff2
Requested by
Host: assets.coffeeandbagels-static.com
URL: https://assets.coffeeandbagels-static.com/rewards/stylesheets/caribou.min.css?v=9e102e9a69a325bad1bcbf7091803cc3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E87) /
Resource Hash
0328b97e4845eacf889e52bd79ce035d72a6583ee7a2e4f5126ba1c83019c0e5

Request headers

Referer
https://assets.coffeeandbagels-static.com/rewards/stylesheets/caribou.min.css?v=9e102e9a69a325bad1bcbf7091803cc3
Origin
https://rewards.cariboucoffee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
cNImd3BhiLMEY8stBVktdA==
age
3048
x-cache
HIT
content-length
95172
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (frc/8E87)
etag
0x8D9FCA1CCD80DDD
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
a5f43a26-101e-002e-28e9-500cb0000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
NeutrafaceTextBook.woff2
assets.coffeeandbagels-static.com/rewards/fonts/ 		100 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.coffeeandbagels-static.com/rewards/fonts/NeutrafaceTextBook.woff2
Requested by
Host: assets.coffeeandbagels-static.com
URL: https://assets.coffeeandbagels-static.com/rewards/stylesheets/caribou.min.css?v=9e102e9a69a325bad1bcbf7091803cc3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E93) /
Resource Hash
48be0ad129611c69e2743660c59496b9db2b47d1376ca1ef615c31dd62926f59

Request headers

Referer
https://assets.coffeeandbagels-static.com/rewards/stylesheets/caribou.min.css?v=9e102e9a69a325bad1bcbf7091803cc3
Origin
https://rewards.cariboucoffee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
hanUM5MeoizMxgGkWT8yiw==
age
3048
x-cache
HIT
content-length
102396
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (frc/8E93)
etag
0x8D9FCA1CCDF5FCC
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
8b80d28a-601e-0024-51e9-50a807000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
VinylRegular.woff2
assets.coffeeandbagels-static.com/rewards/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.coffeeandbagels-static.com/rewards/fonts/VinylRegular.woff2
Requested by
Host: assets.coffeeandbagels-static.com
URL: https://assets.coffeeandbagels-static.com/rewards/stylesheets/caribou.min.css?v=9e102e9a69a325bad1bcbf7091803cc3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F14) /
Resource Hash
6e4f6165519b07dc94028db2f2d708e9d3483be23ee586ed6c04c6c965946907

Request headers

Referer
https://assets.coffeeandbagels-static.com/rewards/stylesheets/caribou.min.css?v=9e102e9a69a325bad1bcbf7091803cc3
Origin
https://rewards.cariboucoffee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-md5
QdBPBkNRUc5bVntOiUbVrA==
age
3048
x-cache
HIT
content-length
22947
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 23:10:10 GMT
server
ECAcc (frc/8F14)
etag
0x8D9FCA1CCDB41BA
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
9d2dc546-801e-004e-0ae9-50702f000000
access-control-expose-headers
x-ms-request-id,x-ms-version
x-ms-version
2009-09-19
accept-ranges
bytes
widget.js
cdn.userway.org/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
55b1529ebd2302d3890c03a7b27d57e83a816801dc59365321c9b16c7ac78211

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 15 Apr 2022 17:44:52 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-77-nzt-ray
hLg+E0LArOI
age
126
x-77-cache
HIT
x-cache
HIT
x-age
2867
content-encoding
br
x-77-nzt
AcO1ry+TVFn/MwsAAA
x-accel-expires
@1650045425
last-modified
Thu, 14 Apr 2022 08:46:16 GMT
server
CDN77-Turbo
etag
W/"76cfcc86fd0e0a7a6d5a737f533fb6da"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
huebmuFT_0MnkJXzAxPUdbwF7V2vsokNskDnuYJYAC4D6cMCgMm6nw==
LiveChatWidgetFrame.css
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/ 		2 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetFrame.css
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c9a80625e971b234d28263a9f86712c4ccb54feb7d37379f8ec6930c4f534f9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
00jZZYgAAAAC/yBo4BrEXR5ezltQo6QSDQU1TMDRFREdFMTkwNgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
T6+Ch2oZZGwEGnAXQDcCfw==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917EECD99DB
x-azure-ref
0FK9ZYgAAAACmq4wbLpsJQ70Y6npGmu0ZRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
0dc9a64c-c01e-0037-01a4-4e42f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
chat.html
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/ Frame BF91 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a75d69cfc96d32fd87c93b4cfc533626916ad843fb315404fe3a1266a41f4646

Request headers

Referer
https://rewards.cariboucoffee.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
content-encoding
br
content-md5
4svHTbPebj5nFznb41LdVg==
content-type
text/html
date
Fri, 15 Apr 2022 17:44:52 GMT
etag
0x8D9F917EC90F6E3
last-modified
Sat, 26 Feb 2022 11:05:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-azure-ref
0FK9ZYgAAAAAgw6G/wCeMQKdnGCJ2CnDTRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
x-azure-ref-originshield
0LMFYYgAAAAClEjHBLm6cSrSMl34RZGDQQU1TMDRFREdFMTkxNQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
x-cache
TCP_HIT
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
3f8e8735-d01e-0092-54c7-4e1488000000
x-ms-version
2009-09-19
LiveChatBootstrapper.js
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame BF91 		79 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
90bba60f8cf5fd1b759426faf322a0653b4bea3e60873db2a66d1bdb656d8b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
0PtxYYgAAAABc4cEZBx8mTJKSeh3RZNblQU1TMDRFREdFMTgxOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
9Ywipe3+Sc+sE6W88qN2tQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917EDC59FBA
x-azure-ref
0FK9ZYgAAAABcz823/d+tQ7jWNRwsaXbLRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0ed33852-001e-0127-2dbc-4e7997000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQTT4RL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5261
date
Fri, 15 Apr 2022 16:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Apr 2022 18:17:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
174vBnT2AUJ2/iQCJ/SsYT/Z8pQ5+FlvC7yt9r9kqtV9HEN40FuN8XgW4hvPW1CwaA5zSCDoG2/6fWiSXiUG8w==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 15 Apr 2022 17:44:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
LiveChatWidgetLibs.min.js
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame BF91 		412 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4c6b8238224112dde0a10a3aae95d9e7e23bee7a3c98b76e00137f36370a34b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
01YdZYgAAAAAGWiDC6tzvSq3BZxG9y6kPQU1TMDRFREdFMTkyMgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
AV3A5KYwCd4LKK8Bu2rBWw==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917EDB0461F
x-azure-ref
0FK9ZYgAAAACQbSLS0bJBTZPar7Owx/4RRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0379bd20-701e-00a4-41c1-4e99f8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
widget_app_base_1649925846237.js
cdn.userway.org/widgetapp/2022-04-14/ 		107 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2022-04-14/widget_app_base_1649925846237.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
afc223c1bd3066c35e04f31e313245c2e4a2843e55c05a42f400b2071ecd5552

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 15 Apr 2022 17:44:52 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-77-nzt-ray
SCCKH0FKN4I
age
126
x-77-cache
HIT
x-cache
HIT
x-age
118103
content-encoding
br
x-77-nzt
AcO1ry+tOhr/V80BAA
x-accel-expires
@1675846589
last-modified
Thu, 14 Apr 2022 08:46:15 GMT
server
CDN77-Turbo
etag
W/"6137d219c215f868c0fa4bd60a0b7ea2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XZFmYRbp-XVLHVUHO75wvQN5HE8oWHOZ5m4k2vauqpuozernnBC5Xw==
1925342967748264
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1925342967748264?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
54e06f1c85e7b57cf8d463186959b8685678252f0e9f5578be4683d93f20bef1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ZBRMkm6WoVHghB+4ScWoi5o7tWw7tTs+d/wOOmHsx0LZQn5vQVWdnOwruF9nE2nww7homdn9ZPFhDJZSknYwCg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 15 Apr 2022 17:44:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
YJP1VHOsBf
api.userway.org/api/tunings/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/YJP1VHOsBf
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-04-14/widget_app_base_1649925846237.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.154.151 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-154-151.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fb38a248f0633f88f3f846dcff8d5096aeb6de2eca235426a7babde985c9d2b9

Request headers

Referer
https://rewards.cariboucoffee.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
etag
W/"72a-riI4unWutzvil88VbcUIImCVZoM"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers
*
content-length
1834
x-service-version
uw-pr
LiveChatWidgetScripts.min.js
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame BF91 		403 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aae303d1fd01e90c78fec421ddc5135df6d2d1d255cc8b45a345d10f559a3fbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
01odZYgAAAABUABZa+M70SIdJaGS9osQpQU1TMDRFREdFMTkyMQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
o+Gu8CtmvGZGVq7Se3ZvUA==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917EDD15DCF
x-azure-ref
0FK9ZYgAAAAAHGpWOF+FJQKb0n/ra6p6nRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
37d3aa8e-101e-0069-80b8-4ea912000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 9B2B 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5&co=aHR0cHM6Ly9yZXdhcmRzLmNhcmlib3Vjb2ZmZWUuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=tyl8pzgupxb6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
362d0a8e5b81165d82eca426308c183be4c8a57caa6a3e831598161527e2989a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i3EMvltAP0BBK72Dg8LfUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards.cariboucoffee.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21751
content-security-policy
script-src 'report-sample' 'nonce-i3EMvltAP0BBK72Dg8LfUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 17:44:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 9B2B 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5&co=aHR0cHM6Ly9yZXdhcmRzLmNhcmlib3Vjb2ZmZWUuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=tyl8pzgupxb6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 16:48:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 9B2B 		362 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5&co=aHR0cHM6Ly9yZXdhcmRzLmNhcmlib3Vjb2ZmZWUuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=tyl8pzgupxb6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 17:44:24 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9B2B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:40:09 GMT
x-content-type-options
nosniff
age
79483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 21 Apr 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B2B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5&co=aHR0cHM6Ly9yZXdhcmRzLmNhcmlib3Vjb2ZmZWUuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=tyl8pzgupxb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 17:06:41 GMT
x-content-type-options
nosniff
age
261491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B2B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5&co=aHR0cHM6Ly9yZXdhcmRzLmNhcmlib3Vjb2ZmZWUuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=tyl8pzgupxb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 14:17:54 GMT
x-content-type-options
nosniff
age
271618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 14:17:54 GMT
webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 9B2B 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5&co=aHR0cHM6Ly9yZXdhcmRzLmNhcmlib3Vjb2ZmZWUuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=tyl8pzgupxb6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1492d5e8bde0eb89be6de49b447802fa96fb5b253b63a8c3900b85b0528e62b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeBiUcbAAAAAIy6S8Pf3zojrd-mSwn1dx1qtLr5&co=aHR0cHM6Ly9yZXdhcmRzLmNhcmlib3Vjb2ZmZWUuY29tOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=tyl8pzgupxb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 15 Apr 2022 17:44:52 GMT
LiveChatWidgetAll.min.css
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/ Frame BF91 		53 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetAll.min.css
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
73b480817c5fb5f37a7c13ad5c6b983c3a2350059d57676a9aed98f3dec63cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
0y/JYYgAAAABuP96WdAUzTLfbbYt0ttxpQU1TMDRFREdFMTkxNQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
oi4SO1+7FfDej/aJxEBAHQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917EEC8B897
x-azure-ref
0FK9ZYgAAAADOO73Z8PjmR6e4kSDlEVwMRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
69d058a0-a01e-0043-01ec-4f7602000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=274432129&t=event&ni=0&_s=1&dl=https%3A%2F%2Frewards.cariboucoffee.com%2Fclaim-reward%2Fcf713991-6199-4f2c-a572-2b390b00d71a&ul=en-us&de=UTF-8&dt=Claim%20your%20gift%20here!%20-%20Caribou%20Perks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Account&ea=Invalid%20Access%20by%20Guest&el=%2Fcf713991-6199-4f2c-a572-2b390b00d71a&_u=YEBAAEABAAAAAC~&jid=14300160&gjid=55493160&cid=1242146308.1650044693&tid=UA-5054783-1&_gid=440012174.1650044693&_r=1&gtm=2wg4d0WQTT4RL&z=1886200143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rewards.cariboucoffee.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 17:44:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rewards.cariboucoffee.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5054783-1&cid=1242146308.1650044693&jid=1123034879&gjid=1619470917&_gid=440012174.1650044693&_u=YGDAgEABAAAAAG~&z=908118568
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rewards.cariboucoffee.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Apr 2022 17:44:52 GMT
content-type
text/plain
access-control-allow-origin
https://rewards.cariboucoffee.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=274432129&t=pageview&_s=1&dl=https%3A%2F%2Frewards.cariboucoffee.com%2Fclaim-reward%2Fcf713991-6199-4f2c-a572-2b390b00d71a&ul=en-us&de=UTF-8&dt=Claim%20your%20gift%20here!%20-%20Caribou%20Perks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAC~&jid=1123034879&gjid=1619470917&cid=1242146308.1650044693&tid=UA-5054783-1&_gid=440012174.1650044693&gtm=2wg4d0WQTT4RL&z=1942834550
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 19:26:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80319
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5054783-1&cid=1242146308.1650044693&jid=14300160&gjid=55493160&_gid=440012174.1650044693&_u=YEBAAEAAAAAAAC~&z=1036509564
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rewards.cariboucoffee.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Apr 2022 17:44:52 GMT
content-type
text/plain
access-control-allow-origin
https://rewards.cariboucoffee.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-3.4.1.min.js
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame BF91 		104 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.4.1.min.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5eacb24dce95197ef1b8db870117adbf2be5642b5b0172e4502cf570d0602466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
0y/JYYgAAAAALFrdOgcpJSKYZG8Z03VXdQU1TMDRFREdFMTgxOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
iPDd3y2YhzkDBroYgeOIwg==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917ED996620
x-azure-ref
0FK9ZYgAAAAB3fJesvmg3SYFfsbO7wJEJRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
05270e42-101e-0034-0aad-4ea396000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5054783-1&cid=1242146308.1650044693&jid=1123034879&_u=YGDAgEABAAAAAG~&z=669411554
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 17:44:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5054783-1&cid=1242146308.1650044693&jid=1123034879&_u=YGDAgEABAAAAAG~&z=669411554
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 17:44:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5054783-1&cid=1242146308.1650044693&jid=14300160&_u=YEBAAEAAAAAAAC~&z=14126205
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 17:44:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5054783-1&cid=1242146308.1650044693&jid=14300160&_u=YEBAAEAAAAAAAC~&z=14126205
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 17:44:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1925342967748264&ev=PageView&dl=https%3A%2F%2Frewards.cariboucoffee.com%2Fclaim-reward%2Fcf713991-6199-4f2c-a572-2b390b00d71a&rl=&if=false&ts=1650044692867&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650044692866.88548344&it=1650044692495&coo=false&rqm=GET
Requested by
Host: rewards.cariboucoffee.com
URL: https://rewards.cariboucoffee.com/claim-reward/cf713991-6199-4f2c-a572-2b390b00d71a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 15 Apr 2022 17:44:52 GMT
prod.json
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/configs/ Frame BF91 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/configs/prod.json
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3fac95be358e0a96f8ee4996f9043f61511ba71fa2ef04408970abd6fd80017c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
0hhNZYgAAAAC+ZRKyCxKFSazvCWrkeEwVQU1TMDRFREdFMTgxMAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
T9JtSLZPjkUUwQstAVSbSw==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917EC881E96
x-azure-ref
0FK9ZYgAAAADlhpiTTWK7QbHkiyFhDT26RlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
477943ed-901e-00ac-5ea3-4e83f7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
appinsights.js
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame BF91 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5038ec8b627d1b4f565ebaf3360f3a8317182b7c3518525a337d86b335f302ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
0y/JYYgAAAACUDD/k5nqTTqtHZ7O8ZcxhQU1TMDRFREdFMTkxOQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
ADbtFKqlrLgA2/6zjT1cnw==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917ED6C4252
x-azure-ref
0FK9ZYgAAAABkWFpN16bHR6PW8iwdDdIJRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6f0a2f8f-d01e-010b-17ea-4f9538000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
webchat.js
cdn.botframework.com/botframework-webchat/4.14.1/ Frame BF91 		3 MB
808 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.botframework.com/botframework-webchat/4.14.1/webchat.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8D76) /
Resource Hash
19251e221ced2fb5cbad60a5f514df5b976ff0da77bbe62319896a8d03c5a889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:53 GMT
content-encoding
gzip
content-md5
jEFMjaw7e6MLd0jlxWTh1g==
age
8824
x-cache
HIT
content-length
826871
x-ms-lease-status
unlocked
last-modified
Fri, 04 Mar 2022 17:19:55 GMT
server
ECAcc (lha/8D76)
etag
0x8D9FE0333768EAC
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
83469097-e01e-0029-14db-50de89000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 15 Apr 2022 21:44:53 GMT
ai.2.min.js
js.monitor.azure.com/scripts/b/ Frame BF91 		120 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feb5a95f889fd1ecdabaab0aece26b232bdb83017971c4636dce99105898f318

Request headers

Referer
https://oc-cdn-ocprod.azureedge.net/
Origin
https://oc-cdn-ocprod.azureedge.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:52 GMT
content-encoding
br
x-azure-ref-originshield
0pa5ZYgAAAADNFT5R0bquQr0RGJtEwfPPQU1TMDRFREdFMTgwNgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
kIbzAcz/m2O65DekgfwJzw==
x-cache
TCP_HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.7.4.min.js
last-modified
Wed, 02 Mar 2022 20:08:25 GMT
x-ms-meta-aijssdkver
2.7.4
etag
0x8D9FC8868AFB46B
x-azure-ref
0FK9ZYgAAAACBkCAHE8U5R6aA1/l24GPsRlJBRURHRTEwMDkAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8edc7717-601e-0053-14ed-50cb41000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1925342967748264&ev=Microdata&dl=https%3A%2F%2Frewards.cariboucoffee.com%2Fclaim-reward%2Fcf713991-6199-4f2c-a572-2b390b00d71a&rl=&if=false&ts=1650044693370&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Claim%20your%20gift%20here!%20-%20Caribou%20Perks%22%2C%22meta%3Akeywords%22%3A%22caribou%2C%20coffee%2C%20rewards%2C%20perks%22%2C%22meta%3Adescription%22%3A%22Caribou%20Coffee%20Perks%20Program.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Caribou%20Perks%20-%20%22%2C%22og%3Adescription%22%3A%22Caribou%20Coffee%20Perks%20Program.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.coffeeandbagels-static.com%2Frewards%2Fimages%2Fogimage-caribou.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fassets.coffeeandbagels-static.com%2Frewards%2Fimages%2Fogimage-caribou.png%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Aimage%3Awidth%22%3A%22388%22%2C%22og%3Aimage%3Aheight%22%3A%22109%22%2C%22og%3Aimage%3Aalt%22%3A%22Caribou%20Coffee%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650044692866.88548344&it=1650044692495&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 15 Apr 2022 17:44:53 GMT
remediation_1649925846237.js
cdn.userway.org/widgetapp/2022-04-14/remediation/ 		150 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2022-04-14/remediation/remediation_1649925846237.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-04-14/widget_app_base_1649925846237.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5f2a76b94e669963c251b5b3c7da916e1b04cdf5808c60d9adf121088a443540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 15 Apr 2022 17:44:53 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-77-nzt-ray
PIhsEJMVKyI
age
126
x-77-cache
HIT
x-cache
HIT
x-age
118101
content-encoding
br
x-77-nzt
AcO1ry8aVwn/Vc0BAA
x-accel-expires
@1675846592
last-modified
Thu, 14 Apr 2022 08:46:15 GMT
server
CDN77-Turbo
etag
W/"5385077a25c371f8c078f37e18c79d7b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
poSCaUXnOjUiXvuLWQQ7N1knE-hG0Z1qwSBatOL1jY_ccExPjtOXSQ==
NT4pRDF1RtDZVV66.json
cdn.userway.org/remediations/consolidated/994615/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/994615/NT4pRDF1RtDZVV66.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-04-14/widget_app_base_1649925846237.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
001b863bceb107dd6b3328885e82577b8f8bbd71978e03e359fd5a72b3382c51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 15 Apr 2022 17:44:53 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
etag
W/"563c8f51f25a81465f09d0b07eb37f44"
age
15392
x-77-cache
HIT
x-cache
HIT
x-age
168026
content-encoding
br
vary
Accept-Encoding, Origin
x-77-nzt
AcO1ry9Pe2nvWpACAA
x-accel-expires
@1681412667
last-modified
Mon, 11 Apr 2022 16:27:36 GMT
server
CDN77-Turbo
x-77-nzt-ray
rUfdtJdVpGI
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
https://rewards.cariboucoffee.com
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
uWJOufOzhZdD7AdLbAN1PVS-D1h9FNUy2F_i8JiYC8DzD7qxXWzrSw==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 15 Apr 2022 17:44:53 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-77-nzt-ray
QrJ3J1LhOdY
age
52
x-edge-origin-shield-skipped
0
x-cache
HIT
x-age
16981105
content-encoding
br
x-77-nzt
AcO1ry+mzKH/cRwDAQ
x-accel-expires
@1658983588
last-modified
Thu, 30 Sep 2021 16:45:19 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-cache
HIT
content-type
image/svg+xml
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6YMei--F0t_BGSzZqKCPsSaHi3ftzitOd7MJXCengBVtWkp0umWGoQ==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 15 Apr 2022 17:44:53 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-77-nzt-ray
QVFpm8NrAzU
age
52
x-77-cache
HIT
x-edge-origin-shield-skipped
0
x-cache
HIT
x-age
16981105
content-encoding
br
x-77-nzt
AcO1ry/bgy3/cRwDAQ
x-accel-expires
@1658983588
last-modified
Thu, 30 Sep 2021 16:45:19 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
z1-TLQ0wWcAHOw8cBTiSLzeIq6QHdJj-1cDCQdvlpwyjcYTxWH9zaQ==
nav_menu_helper1649925846237.js
cdn.userway.org/widgetapp/2022-04-14/remediation/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2022-04-14/remediation/nav_menu_helper1649925846237.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-04-14/widget_app_base_1649925846237.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
083e6208aceae273cd38170fabc99200216598a45ed3c8b323983795365a1af5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 15 Apr 2022 17:44:53 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-77-nzt-ray
xpI2Z3YzfNc
age
2
x-77-cache
HIT
x-cache
HIT
x-age
118101
content-encoding
br
x-77-nzt
AcO1ry9s8+3/Vc0BAA
x-accel-expires
@1675846592
last-modified
Thu, 14 Apr 2022 08:46:15 GMT
server
CDN77-Turbo
etag
W/"c48039974528005aa834d679a9d6dd4c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YTiB0M468TwFJMUHcZSLodnYhGt6JTA9deAibgkmayLLR630JDS4jw==
3442351582581272
api.userway.org/api/remediation/moderation/by-page/994615/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/remediation/moderation/by-page/994615/3442351582581272
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-04-14/widget_app_base_1649925846237.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.154.151 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-154-151.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.cariboucoffee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:44:53 GMT
etag
W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers
*
content-length
3350
x-service-version
uw-pr
/
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame BF91 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.2&x-apikey=c7655518acf1403f93ff6b9f77942f0a-d01a02fd-6b50-4de3-a566-62eda11f93bc-7083&client-time-epoch-millis=1650044694918&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.189.58 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 17:44:55 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1103
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
purify.min.js
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame BF91 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/purify.min.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
93d8446660114a3c908c7d4ff2ba5677fad8f436ddd493f8936abf807649d0db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:55 GMT
content-encoding
br
x-azure-ref-originshield
0chxZYgAAAACXltcL9R1hSp5t2U+ul3c3QU1TMDRFREdFMTgwNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
98MT7M8SRWeA4QUys4utxQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917EDB4B250
x-azure-ref
0F69ZYgAAAAA/6tR3QKWiRoAucKlMzwZqRlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
26a5f85e-601e-0143-410d-50880f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
botframework-webchat-adapter-ic3.production.min.js
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame BF91 		115 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/botframework-webchat-adapter-ic3.production.min.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
470c598ef6db18c7ae2a420ef65df40ca35ef9ace19c43f35d084c0e5fd8081f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:55 GMT
content-encoding
br
x-azure-ref-originshield
0ssFYYgAAAAAmkcLC7mfYS4WWVMKDp5O/QU1TMDRFREdFMTkwOQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
uWzZutPFlN9rzjGW2y8JIQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917ED76A107
x-azure-ref
0GK9ZYgAAAAD60A2FJh28RL83Jh0Bq7a6RlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3f8ea149-d01e-0092-6fc7-4e1488000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
SDK.min.js
comms.omnichannelengagementhub.com/ams/0.1.1-main.af545b3/ Frame BF91 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comms.omnichannelengagementhub.com/ams/0.1.1-main.af545b3/SDK.min.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f082d94f17f4e5e3725177207431e7853ef566cde2ae17db075bfe99832c50ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:55 GMT
content-encoding
br
last-modified
Sat, 02 Oct 2021 02:07:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
WdlsYBmkBlaPY+FFlT//KA==
etag
0x8D98549567E591B
x-azure-ref
0GK9ZYgAAAACq5zvog/tzRaByJSUkZQUvRlJBRURHRTEwMTIAMzEzYmNhYWQtNTkyZS00ZDA4LWI1OTEtZjJjZTI1ZDc2ZjU3
x-cache
TCP_HIT
content-type
application/javascript
x-ms-request-id
12264472-101e-002c-4dbe-4e9ec9000000
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
x-azure-ref-originshield
0aDNZYgAAAAA4y/1ur3FvQ7SlKcPzHI9zQU1TMDRFREdFMTgxMAAzMTNiY2FhZC01OTJlLTRkMDgtYjU5MS1mMmNlMjVkNzZmNTc=
chat-adapter-0.0.35-beta.3.js
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame BF91 		444 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/chat-adapter-0.0.35-beta.3.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
73fc76f4125cfa5230ab367578caa52fed7117d0226047456fee999fde719325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=0c712c56-7c11-4513-975d-da993243da92&data-org-id=9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604&data-org-url=https://orgefb603ce-crm.omnichannelengagementhub.com&hostname=rewards.cariboucoffee.com&data-suggested-action-layout=stacked&data-lcw-version=prod&data-font-family-override=%27NeutraText%27,%20Arial,%20Helvetica,%20sans-serif&data-color-override=%232c636e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:56 GMT
content-encoding
br
x-azure-ref-originshield
02DZZYgAAAABTFUtbCiEsTb8/pXd/uZwoQU1TMDRFREdFMTkxNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5
RpPgN+wzXH2liXqBVtlTMg==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Sat, 26 Feb 2022 11:05:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F917ED8FF1AC
x-azure-ref
0GK9ZYgAAAAAjyXxbRQrYS5SAIeu0L+G0RlJBRURHRTEwMDkANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b8e86455-f01e-0085-73c2-4ebd83000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
SDK.min.js
ocsdk-prod.azureedge.net/release/0.3.1-main.b56c728/ Frame BF91 		83 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocsdk-prod.azureedge.net/release/0.3.1-main.b56c728/SDK.min.js
Requested by
Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
be44988241c629a7c99f5744afcb1b8e84794a56afd2e63c1b35245dc3586cd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oc-cdn-ocprod.azureedge.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Apr 2022 17:44:56 GMT
content-encoding
br
x-azure-ref-originshield
0sEhZYgAAAAD0DZgViWRTTrBkTpFbqIw6QU1TMDRFREdFMTgxOAA5Nzk3MTdhNC1mNDg1LTRjOTUtYWQ2Yi1iOGFiMTViZmIzYTI=
content-md5
OTel4AO53bRgu8hooT6ASQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 26 Jan 2022 02:14:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E07185A60D19
x-azure-ref
0GK9ZYgAAAAB0Qx6gZP8CQaAhgtj+E5hORlJBRURHRTEwMDkAOTc5NzE3YTQtZjQ4NS00Yzk1LWFkNmItYjhhYjE1YmZiM2Ey
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4bd958ac-901e-00a5-024c-50da32000000
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version
2009-09-19
0c712c56-7c11-4513-975d-da993243da92
orgefb603ce-crm.omnichannelengagementhub.com/livechatconnector/config/9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604/ Frame BF91 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
orgefb603ce-crm.omnichannelengagementhub.com
URL
https://orgefb603ce-crm.omnichannelengagementhub.com/livechatconnector/config/9b47c68e-6ab2-4679-a0f3-0f3cbcfe3604/0c712c56-7c11-4513-975d-da993243da92?requestId=aa1d1796-3fc5-4528-810c-66334552105e&channelId=lcw

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer function| __awaiter function| __generator object| Microsoft function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| recaptcha object| UserWayWidgetApp function| __read function| __spreadArray function| __values function| __rest object| _userway_config boolean| _userway object| bootstrap object| closure_lm_653178 object| gaplugins object| gaGlobal object| gaData object| UserWay function| __assign object| forPM function| runMenuRemediationScript

9 Cookies

Domain/Path Name / Value
rewards.cariboucoffee.com/ Name: connect.sid
Value: s%3AVijSjt0vVwHdjgGvOupT5sncdIqToNXV.O5%2FKbaDWdNG2s9YgdnCSj%2FlU%2BRqvUT4FB4Q0ksKIkQM
.cariboucoffee.com/ Name: _ga
Value: GA1.2.1242146308.1650044693
.cariboucoffee.com/ Name: _gid
Value: GA1.2.440012174.1650044693
.cariboucoffee.com/ Name: _gat_UA-5054783-1
Value: 1
.rewards.cariboucoffee.com/ Name: _ga
Value: GA1.3.1242146308.1650044693
.rewards.cariboucoffee.com/ Name: _gid
Value: GA1.3.440012174.1650044693
.rewards.cariboucoffee.com/ Name: _dc_gtm_UA-5054783-1
Value: 1
.cariboucoffee.com/ Name: _fbp
Value: fb.1.1650044692866.88548344
.facebook.com/ Name: fr
Value: 0IV0BuE2G5VQDMKwK..BiWa8U...1.0.BiWa8U.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
assets.coffeeandbagels-static.com
browser.pipe.aria.microsoft.com
cdn.botframework.com
cdn.userway.org
code.jquery.com
comms.omnichannelengagementhub.com
connect.facebook.net
fonts.gstatic.com
js.monitor.azure.com
oc-cdn-ocprod.azureedge.net
ocsdk-prod.azureedge.net
orgefb603ce-crm.omnichannelengagementhub.com
play.google.com
rewards.cariboucoffee.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
orgefb603ce-crm.omnichannelengagementhub.com
152.199.19.160
168.61.148.226
2001:4de0:ac18::1:a:2a
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6812:bcf
2620:1ec:46::44
2620:1ec:bdf::44
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c0b::9a
2a02:6ea0:c700::2
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.211.154.151
40.79.189.58
001b863bceb107dd6b3328885e82577b8f8bbd71978e03e359fd5a72b3382c51
0328b97e4845eacf889e52bd79ce035d72a6583ee7a2e4f5126ba1c83019c0e5
083e6208aceae273cd38170fabc99200216598a45ed3c8b323983795365a1af5
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b65e91f908dde622ed8afb09fc0543107fe19e6aed1911e5aaf2e42f7726dc
19251e221ced2fb5cbad60a5f514df5b976ff0da77bbe62319896a8d03c5a889
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e50f1f54c9c5907ded720df9728f5a7c61323ca3dbf92e2fb027fe3003a0257
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
26fae406d5b6f1d45d59b454c8d8e0fdc94bf0ad9e01d73f2b98bdccebeaba98
362d0a8e5b81165d82eca426308c183be4c8a57caa6a3e831598161527e2989a
36965ee462e0aa8ed300d4d0a808b594c734113d9dc61d11b231b0105bf7b5d9
3c71c19baf38525f5559ba9c08e9b432e211c9dff235543eb4731f192b4df5ad
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fac95be358e0a96f8ee4996f9043f61511ba71fa2ef04408970abd6fd80017c
420105fb15a6b3dd7cf362e8d81d397a6372905c8054394687ce4382b8b7611c
470c598ef6db18c7ae2a420ef65df40ca35ef9ace19c43f35d084c0e5fd8081f
48be0ad129611c69e2743660c59496b9db2b47d1376ca1ef615c31dd62926f59
4c6b8238224112dde0a10a3aae95d9e7e23bee7a3c98b76e00137f36370a34b3
5038ec8b627d1b4f565ebaf3360f3a8317182b7c3518525a337d86b335f302ae
54e06f1c85e7b57cf8d463186959b8685678252f0e9f5578be4683d93f20bef1
55b1529ebd2302d3890c03a7b27d57e83a816801dc59365321c9b16c7ac78211
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c80624b8061dd14b732abd937e2c2bec66ee952f297b44fba6f4a7be52f3421
5eacb24dce95197ef1b8db870117adbf2be5642b5b0172e4502cf570d0602466
5f2a76b94e669963c251b5b3c7da916e1b04cdf5808c60d9adf121088a443540
6e4f6165519b07dc94028db2f2d708e9d3483be23ee586ed6c04c6c965946907
73b480817c5fb5f37a7c13ad5c6b983c3a2350059d57676a9aed98f3dec63cbb
73fc76f4125cfa5230ab367578caa52fed7117d0226047456fee999fde719325
8060d730be4a3ed1536060acdad7301e232585a18544f7537362c3ce69c69377
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90bba60f8cf5fd1b759426faf322a0653b4bea3e60873db2a66d1bdb656d8b72
93d8446660114a3c908c7d4ff2ba5677fad8f436ddd493f8936abf807649d0db
95d81e4ffe7e95ac9ef3f03e275f105beaa01a1a6a730dacfef0a5960b495254
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a75d69cfc96d32fd87c93b4cfc533626916ad843fb315404fe3a1266a41f4646
aae303d1fd01e90c78fec421ddc5135df6d2d1d255cc8b45a345d10f559a3fbe
abab82d9c0930768326b742c1b883f02c5acd08441100e0121a3468e56db7bd7
afc223c1bd3066c35e04f31e313245c2e4a2843e55c05a42f400b2071ecd5552
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
be44988241c629a7c99f5744afcb1b8e84794a56afd2e63c1b35245dc3586cd3
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c96d16789c7907add66ef3a490d6d014f7c46ec85b009bec3a59165f583a661f
c9a80625e971b234d28263a9f86712c4ccb54feb7d37379f8ec6930c4f534f9c
d6db53c7dbf1d54218584a90b603822c9ec44f018f29b2ba01641af99e76cb28
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1492d5e8bde0eb89be6de49b447802fa96fb5b253b63a8c3900b85b0528e62b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f082d94f17f4e5e3725177207431e7853ef566cde2ae17db075bfe99832c50ff
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fa31c1b2de2ac7213e359e105402e5aa6e716be910d2f832e3871ba896664883
fb38a248f0633f88f3f846dcff8d5096aeb6de2eca235426a7babde985c9d2b9
feb5a95f889fd1ecdabaab0aece26b232bdb83017971c4636dce99105898f318