www.biltrewards.com Open in urlscan Pro
76.76.21.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bilt.page/
Effective URL:
https://www.biltrewards.com/
Submission: On April 19 via api (April 19th 2024, 10:02:10 pm UTC) from US — Scanned from DE

Summary HTTP 282 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 32 domains to perform 282 HTTP transactions. The main IP is 76.76.21.22, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.biltrewards.com. The Cisco Umbrella rank of the primary domain is 156816.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.

This is the only time www.biltrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.117.79.164 34.117.79.164	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
35	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3031::ac43:8881	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.187.40 13.33.187.40	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
9	2606:4700:310... 2606:4700:3108::ac42:2b3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 20	34.110.183.245 34.110.183.245	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 6	2606:4700:20:... 2606:4700:20::681a:3b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	52.42.237.31 52.42.237.31	16509 (AMAZON-02) (AMAZON-02)
2	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
1	35.71.142.77 35.71.142.77	16509 (AMAZON-02) (AMAZON-02)
2	34.160.241.76 34.160.241.76	15169 (GOOGLE) (GOOGLE)
3	35.241.5.91 35.241.5.91	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	52.210.64.4 52.210.64.4	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
5	104.126.37.147 104.126.37.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	3.69.41.26 3.69.41.26	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:275... 2600:9000:275d:f400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
121	2600:9000:249... 2600:9000:2490:5c00:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.160.150.114 3.160.150.114	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:484f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
5	2600:1f14:5db... 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:275... 2600:9000:275b:4200:19:2755:1280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.203.25.147 54.203.25.147	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:6f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	2600:1f18:730... 2600:1f18:730:b130:3312:d950:1633:cbeb	14618 (AMAZON-AES) (AMAZON-AES)
2	3.212.143.46 3.212.143.46	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 _) (CDN77 _)
282	39

1 34.117.79.164 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 164.79.117.34.bc.googleusercontent.com

bilt.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:8881 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.deviceinf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-40.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3108::ac42:2b3c (United States)

ASN13335 (CLOUDFLARENET, US)

transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.110.183.245 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.183.110.34.bc.googleusercontent.com

id.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o441793.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:3b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu.mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.237.31 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-237-31.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

decagon.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.142.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com

www2.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.241.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.241.160.34.bc.googleusercontent.com

flags.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.5.91 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.5.241.35.bc.googleusercontent.com

static.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.64.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-64-4.eu-west-1.compute.amazonaws.com

vitals.vercel-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-147.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.69.41.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:f400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

121 2600:9000:2490:5c00:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.160.150.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-114.fra60.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:484f (United States)

ASN13335 (CLOUDFLARENET, US)

mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275b:4200:19:2755:1280:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.neuro-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.25.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-25-147.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:6f8 (United States)

ASN13335 (CLOUDFLARENET, US)

sync-transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:730:b130:3312:d950:1633:cbeb (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.212.143.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-143-46.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
121	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 48281	2 MB
61	biltrewards.com 1 redirects www.biltrewards.com — Cisco Umbrella Rank: 156816 id.biltrewards.com — Cisco Umbrella Rank: 271073 www2.biltrewards.com flags.biltrewards.com — Cisco Umbrella Rank: 216850 static.biltrewards.com — Cisco Umbrella Rank: 285365	1 MB
20	userway.org cdn.userway.org — Cisco Umbrella Rank: 3313 api.userway.org — Cisco Umbrella Rank: 3174 cdn77.api.userway.org — Cisco Umbrella Rank: 6069	224 KB
9	transcend-cdn.com transcend-cdn.com — Cisco Umbrella Rank: 16993	145 KB
8	segment.com cdn.segment.com — Cisco Umbrella Rank: 1798	66 KB
8	mgln.ai 1 redirects cdn.mgln.ai — Cisco Umbrella Rank: 43003 mgln.ai — Cisco Umbrella Rank: 20804 eu.mgln.ai — Cisco Umbrella Rank: 74049	4 KB
5	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3617 rp4.liadm.com — Cisco Umbrella Rank: 5835 Failed rp.liadm.com — Cisco Umbrella Rank: 1253	38 KB
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2808	9 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 709	155 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	951 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	369 KB
3	framer.com events.framer.com — Cisco Umbrella Rank: 58383	16 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 36	86 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 123	19 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
2	sync-transcend-cdn.com sync-transcend-cdn.com — Cisco Umbrella Rank: 27973
2	neuro-id.com scripts.neuro-id.com — Cisco Umbrella Rank: 134956	48 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 492	1 KB
2	vercel-insights.com vitals.vercel-insights.com — Cisco Umbrella Rank: 12928	331 B
2	gstatic.com www.gstatic.com	201 KB
2	decagon.ai decagon.ai — Cisco Umbrella Rank: 48813	1 KB
2	sentry.io o441793.ingest.sentry.io — Cisco Umbrella Rank: 232190	355 B
2	deviceinf.com cdn.deviceinf.com — Cisco Umbrella Rank: 328684	99 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7278	64 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1390	177 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1342 conversions-config.reddit.com Failed	637 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2404	257 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1221	9 KB
1	tvspix.com tvspix.com — Cisco Umbrella Rank: 16126	194 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14155	41 KB
1	bilt.page 1 redirects bilt.page	141 B
282	32

	Domain	Requested by
121	framerusercontent.com	www2.biltrewards.com
35	www.biltrewards.com	www.biltrewards.com
20	id.biltrewards.com	1 redirects www.biltrewards.com www2.biltrewards.com id.biltrewards.com
13	cdn.userway.org	www.biltrewards.com cdn.userway.org www2.biltrewards.com
9	transcend-cdn.com	www.biltrewards.com transcend-cdn.com id.biltrewards.com
8	cdn.segment.com	www.biltrewards.com cdn.segment.com
6	mgln.ai	1 redirects www.biltrewards.com
5	api.userway.org	www.biltrewards.com cdn.userway.org
5	tags.srv.stackadapt.com	www.biltrewards.com tags.srv.stackadapt.com
5	analytics.tiktok.com	www.biltrewards.com analytics.tiktok.com
5	www.google.com	1 redirects www.biltrewards.com www.gstatic.com id.biltrewards.com
4	www.googletagmanager.com	www.biltrewards.com www.googletagmanager.com cdn.segment.com
3	events.framer.com	www2.biltrewards.com
3	static.biltrewards.com	www.biltrewards.com
2	cdn77.api.userway.org	www.biltrewards.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	rp.liadm.com	2 redirects
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	sync-transcend-cdn.com	transcend-cdn.com
2	scripts.neuro-id.com	www.biltrewards.com scripts.neuro-id.com
2	rp4.liadm.com	www.biltrewards.com
2	pixel.tapad.com	2 redirects
2	vitals.vercel-insights.com	www.biltrewards.com
2	www.gstatic.com	www.google.com
2	flags.biltrewards.com	www.biltrewards.com
2	decagon.ai	www.biltrewards.com decagon.ai
2	o441793.ingest.sentry.io	www.biltrewards.com id.biltrewards.com
2	cdn.deviceinf.com	www.biltrewards.com id.biltrewards.com
1	www.google.de
1	www.facebook.com
1	api.segment.io	www.biltrewards.com
1	alb.reddit.com	www.biltrewards.com
1	region1.google-analytics.com	www.googletagmanager.com
1	eu.mgln.ai	www.biltrewards.com
1	b-code.liadm.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com www.biltrewards.com
1	www2.biltrewards.com	www.biltrewards.com
1	tvspix.com	www.biltrewards.com
1	cdn.mgln.ai	www.biltrewards.com
1	cdn.plaid.com	www.biltrewards.com
1	bilt.page	1 redirects
0	conversions-config.reddit.com Failed	www.biltrewards.com
282	43

This site contains links to these domains. Also see Links.

Domain
instagram.com
twitter.com
facebook.com
youtube.com
www.linkedin.com
legal.biltrewards.com
biltrewards.zendesk.com
bilt.page.link
biltrewards.com
www.biltalliance.com
newsroom.biltrewards.com

Subject Issuer	Validity	Valid
www.biltrewards.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
deviceinf.com Cloudflare Inc ECC CA-3	`2024-01-08` - `2024-12-31`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
transcend-cdn.com GTS CA 1P5	`2024-03-20` - `2024-06-18`	3 months	crt.sh
id.biltrewards.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
mgln.ai E1	`2024-04-07` - `2024-07-06`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
tvspix.com Amazon RSA 2048 M03	`2024-03-25` - `2025-04-24`	a year	crt.sh
decagon.ai R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
www2.biltrewards.com R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
flags.biltrewards.com GTS CA 1D4	`2024-04-18` - `2024-07-17`	3 months	crt.sh
static.biltrewards.com GTS CA 1D4	`2024-03-13` - `2024-06-11`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
vercel-insights.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
framerusercontent.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-14`	a year	crt.sh
events.framer.com Amazon RSA 2048 M03	`2024-04-09` - `2025-05-07`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.neuro-id.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
sync-transcend-cdn.com Cloudflare Inc ECC CA-3	`2023-06-02` - `2024-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
1784939676.rsc.cdn77.org R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.biltrewards.com/
Frame ID: 0910A975CA6EC6836E6FC7F35DF7E607
Requests: 118 HTTP requests in this frame

Frame: https://www2.biltrewards.com/
Frame ID: 81711E9715998C86A0B8BFC575DD5EF3
Requests: 145 HTTP requests in this frame

Frame: https://id.biltrewards.com/login/iframe/userdata/
Frame ID: A76D135B7A0697387D1706A5935DD400
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly93d3cuYmlsdHJld2FyZHMuY29tOjQ0Mw..&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=4ailwmri8iej
Frame ID: FF562014F61764A60D02D116E02C9B4B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly9pZC5iaWx0cmV3YXJkcy5jb206NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=tulfw3x6e643
Frame ID: 708A16BC6C5524B39C355C1BDDD4862A
Requests: 1 HTTP requests in this frame

Frame: https://decagon.ai/demo/bilt?defaultVisibility=hidden
Frame ID: 0826B23EC31B1FC70E797FF1F279DFF8
Requests: 1 HTTP requests in this frame

Frame: https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
Frame ID: 916F93BE74C05CDF8F82E872BBFB71A1
Requests: 1 HTTP requests in this frame

Frame: https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
Frame ID: EBE191B279A594C3BE63F2EB641A769A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bilt Rewards

Page URL History Show full URLs

http://bilt.page/ HTTP 307
https://bilt.page/ HTTP 301
https://www.biltrewards.com/ Page URL

Detected technologies

DatoCMS (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+https://www\.datocms-assets\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha

Page Statistics

282
Requests

96 %
HTTPS

51 %
IPv6

32
Domains

43
Subdomains

39
IPs

3
Countries

5126 kB
Transfer

19147 kB
Size

31
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/BiltRewards

Search URL Search Domain Scan URL

URL: https://twitter.com/BiltRewards

Search URL Search Domain Scan URL

URL: https://facebook.com/biltrewards

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCCJoaLWfOJeBx6fD8K58nuQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/biltrewards

Search URL Search Domain Scan URL

URL: https://legal.biltrewards.com/policies
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://biltrewards.zendesk.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://bilt.page.link/app
Title: App

Search URL Search Domain Scan URL

URL: https://biltrewards.com/p/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.biltalliance.com/
Title: Bilt for Real Estate Partners

Search URL Search Domain Scan URL

URL: https://newsroom.biltrewards.com/
Title: Newsroom

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bilt.page/ HTTP 307
https://bilt.page/ HTTP 301
https://www.biltrewards.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://id.biltrewards.com/login/iframe/userdata HTTP 308
https://id.biltrewards.com/login/iframe/userdata/

Request Chain 137

https://mgln.ai/pixel/sync.gif HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3365&partner_device_id=eb1cb1bf-3330-4678-9c26-a385090847ba&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3365&partner_device_id=eb1cb1bf-3330-4678-9c26-a385090847ba&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://eu.mgln.ai/pixel?tapad_id=f4da7ee7-70ed-4c84-b3fe-3681d7f96a34

Request Chain 187

https://rp.liadm.com/j?dtstmp=1713564106784&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 206

https://rp.liadm.com/j?dtstmp=1713564106784&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 217

https://rp.liadm.com/j?dtstmp=1713564106784&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 274

https://rp.liadm.com/j?dtstmp=1713564106784&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 275

https://rp.liadm.com/p?dtstmp=1713564107829&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 302
https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564107829&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 276

https://rp.liadm.com/p?dtstmp=1713564107829&aid=b-00ri&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTM1NjQxMDY3ODQmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHZ3NjJmLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzEzNTY0MTA2Nzg0JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 302
https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTM1NjQxMDY3ODQmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHZ3NjJmLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzEzNTY0MTA2Nzg0JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564107829&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 286

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10874839969/?random=1102432886&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3qjb36PPhQMVpeQRCB3nnwgaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/10874839969/?random=1102432886&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3qjb36PPhQMVpeQRCB3nnwgaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqzFBHCnjFTsMMhsbtOZUikFfdp7fU3p5zHpK4juXK-6mTaB5S&random=4071477376&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/10874839969/?random=1102432886&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3qjb36PPhQMVpeQRCB3nnwgaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqzFBHCnjFTsMMhsbtOZUikFfdp7fU3p5zHpK4juXK-6mTaB5S&random=4071477376&resp=GooglemKTybQhCsO&ipr=y

282 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.biltrewards.com/
Redirect Chain

http://bilt.page/
https://bilt.page/
https://www.biltrewards.com/

56 KB
11 KB

337ms
277ms

Document
text/html

76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

1b1b1518ff22bf171e2896068b4f056b304ed4563a88f85159913053bb86fc86

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-type: text/html; charset=utf-8
date: Fri, 19 Apr 2024 22:01:45 GMT
referrer-policy: origin
server: Vercel
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-content-type-options: nosniff
x-matched-path: /p/homepage
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: cle1
x-vercel-id: fra1::cle1::gp4hq-1713564105553-ae0a4ef38a8f
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 19 Apr 2024 22:01:45 GMT
location: https://www.biltrewards.com:443/

GET
H2 200 webpack-a1f39e9ab9673166.js Show response
www.biltrewards.com/_next/static/chunks/ 5 KB
5 KB 31ms
31ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/webpack-a1f39e9ab9673166.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ab6c570f1ed2504c4a6b312d5e5cf220a726910bddf6fb18fbe94f7d6ac53d7b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3208
content-disposition: inline; filename="webpack-a1f39e9ab9673166.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::t9s7b-1713564105836-593d72b39217
x-matched-path: /_next/static/chunks/webpack-a1f39e9ab9673166.js
etag: W/"23af07559ffcf8d74fde353e5cef1c33"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 0a08d48a-2ea4280064791d1b.js Show response
www.biltrewards.com/_next/static/chunks/ 168 KB
57 KB 32ms
32ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1e4f82853b2bbe4130f6a37ceb51b2e3ae3b63f93020ae4c6cf29c775ae47c4b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="0a08d48a-2ea4280064791d1b.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::xt6v8-1713564105836-c5e02a43c2c6
x-matched-path: /_next/static/chunks/0a08d48a-2ea4280064791d1b.js
etag: W/"6b0b2fbcb51e183b8e3ce5ec4a64a339"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 3823-9f814568c01d4885.js Show response
www.biltrewards.com/_next/static/chunks/ 136 KB
42 KB 62ms
59ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1859485082544968afcc2f8da110229be04938e9b1a696bf2b36ed3ce772eab9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="3823-9f814568c01d4885.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::xt6v8-1713564105851-59a03ac347b1
x-matched-path: /_next/static/chunks/3823-9f814568c01d4885.js
etag: W/"4c56678dba8e761cdfbeee6a562904ba"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 main-app-6f1164958d7f0f4f.js Show response
www.biltrewards.com/_next/static/chunks/ 4 KB
4 KB 42ms
39ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/main-app-6f1164958d7f0f4f.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a46610abbca70881a4dca452b0a6676d43e459cde7570ab0bfacc7a85e8d92f4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="main-app-6f1164958d7f0f4f.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::t9s7b-1713564105851-903daca017c3
x-matched-path: /_next/static/chunks/main-app-6f1164958d7f0f4f.js
etag: W/"9f0445dcf2d8bb98144b18371742c262"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 d7bc610a-c646afafb6427ddf.js Show response
www.biltrewards.com/_next/static/chunks/ 120 KB
41 KB 84ms
81ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/d7bc610a-c646afafb6427ddf.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

004308bc4223c392d8e24f8edb3c1c6ffeba09277efd50d6f549cbdbe485747a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="d7bc610a-c646afafb6427ddf.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::mhjvb-1713564105851-a584e076892d
x-matched-path: /_next/static/chunks/d7bc610a-c646afafb6427ddf.js
etag: W/"73566eb41d400ba69137adfc8eed7ab7"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6851-dde6b02ebd6f186e.js Show response
www.biltrewards.com/_next/static/chunks/ 37 KB
17 KB 44ms
42ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6851-dde6b02ebd6f186e.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

edbc6b185fd351619dc19e76c3e3be738f06901a9a7f6256247b4cedc0d40acd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="6851-dde6b02ebd6f186e.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::4n9bx-1713564105851-eda7ec4f9ae8
x-matched-path: /_next/static/chunks/6851-dde6b02ebd6f186e.js
etag: W/"5a3fbdc15a63ce4f1988c3d61a442376"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7883-869763b70811cfae.js Show response
www.biltrewards.com/_next/static/chunks/ 15 KB
8 KB 104ms
101ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7883-869763b70811cfae.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8e377dd5b5baaea8f1e02ec632ee5369be88f429c5c837ecde5757c047cce34c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="7883-869763b70811cfae.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::bfspw-1713564105851-71b0d79def58
x-matched-path: /_next/static/chunks/7883-869763b70811cfae.js
etag: W/"e0f121e7cff629c6c218f94eaf3dc7e7"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6166-52101be2002f3397.js Show response
www.biltrewards.com/_next/static/chunks/ 8 KB
6 KB 45ms
42ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6166-52101be2002f3397.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bbc02b2f82dbf5977ca0eb2a3c8333a35cab6f485de1b08e91765181ffddcfc3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="6166-52101be2002f3397.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::x9s92-1713564105851-35d64c508289
x-matched-path: /_next/static/chunks/6166-52101be2002f3397.js
etag: W/"31f1cf7655606d8230f0b61505f8335c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 3045-4c09e779c74700fc.js Show response
www.biltrewards.com/_next/static/chunks/ 10 KB
6 KB 43ms
41ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/3045-4c09e779c74700fc.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ac2a630a659de9dedde2fd2602b0486e765b3e64bca661e1b2f2a6d50d1730d0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="3045-4c09e779c74700fc.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::gp4hq-1713564105851-afbba2b7b537
x-matched-path: /_next/static/chunks/3045-4c09e779c74700fc.js
etag: W/"6ba521210e467f7bc28cab3ea7c90089"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 8152-741d12f273eefb58.js Show response
www.biltrewards.com/_next/static/chunks/ 298 KB
97 KB 62ms
60ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

59ed8ba4f55ae0c8eb55341b4098df11760b49d1f6fb0aa3e036585a8af79988

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="8152-741d12f273eefb58.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::gp4hq-1713564105857-eb4c69d834fb
x-matched-path: /_next/static/chunks/8152-741d12f273eefb58.js
etag: W/"b5443d52cce7c8b8b6113b385c96b08c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 8867-8c5e984b86078dff.js Show response
www.biltrewards.com/_next/static/chunks/ 94 KB
35 KB 58ms
56ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/8867-8c5e984b86078dff.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6663df519c7ca113900a9c0077ac550db3cf9bb431aee79a56ceac9aecbaee6b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="8867-8c5e984b86078dff.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::t9s7b-1713564105857-923ad81be72a
x-matched-path: /_next/static/chunks/8867-8c5e984b86078dff.js
etag: W/"df1525add27943a959c07c44355f5dfa"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6414-e118a96fae754990.js Show response
www.biltrewards.com/_next/static/chunks/ 162 KB
57 KB 103ms
101ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6414-e118a96fae754990.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1211f890980640f917aef6dc283fff050b3365056fac3d2c2739c573a90c3cc8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="6414-e118a96fae754990.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::txgfr-1713564105857-1c249542bbe2
x-matched-path: /_next/static/chunks/6414-e118a96fae754990.js
etag: W/"6f2a2963daccd71b5ad6984d178bb4b2"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 5935-2bec4673ee277813.js Show response
www.biltrewards.com/_next/static/chunks/ 5 KB
5 KB 84ms
83ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/5935-2bec4673ee277813.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f0d8b1217e7da95602961859ca7614fd26171c95471950c6078db7524fddeceb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="5935-2bec4673ee277813.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::vv8ms-1713564105857-2a0f3169b72f
x-matched-path: /_next/static/chunks/5935-2bec4673ee277813.js
etag: W/"83d4a90eb073702343a98ae075977df5"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 3821-556712ffc657a727.js Show response
www.biltrewards.com/_next/static/chunks/ 40 KB
17 KB 63ms
61ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/3821-556712ffc657a727.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bf9fd9a2c376482c39bf4154c70a8379f81794e76032adfe8cbfdaea03b68e5b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3207
content-disposition: inline; filename="3821-556712ffc657a727.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::mwnzh-1713564105857-38644a0d378d
x-matched-path: /_next/static/chunks/3821-556712ffc657a727.js
etag: W/"70ff9d7384f6de6f42d35412357c4aa8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7423-eea4e0fb8c785eab.js Show response
www.biltrewards.com/_next/static/chunks/ 17 KB
9 KB 81ms
79ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7423-eea4e0fb8c785eab.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d4c0a567ed05aa374c9f25bf7e1997cf302b18502d8c075043ad9174a21837cd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="7423-eea4e0fb8c785eab.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::kfmv4-1713564105857-0f1a357769b4
x-matched-path: /_next/static/chunks/7423-eea4e0fb8c785eab.js
etag: W/"c92fe4c06cb9fb6564d44c30ffe9b653"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6418-3dfa3a2acf0f6d12.js Show response
www.biltrewards.com/_next/static/chunks/ 27 KB
12 KB 108ms
107ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6418-3dfa3a2acf0f6d12.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2545332ad8d9a7b2d489e057bdbe2483e4a8a1ebcc9e177f2d547e09d8e7cd65

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="6418-3dfa3a2acf0f6d12.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::vv8ms-1713564105857-bf12902e20f9
x-matched-path: /_next/static/chunks/6418-3dfa3a2acf0f6d12.js
etag: W/"340e8cba815126381ab1a5d515c32108"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 4193-4d7bd22d05cedabe.js Show response
www.biltrewards.com/_next/static/chunks/ 251 KB
83 KB 59ms
57ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/4193-4d7bd22d05cedabe.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c272d5ac9e24c29938402a0e3674796326e0867dc058c051bc5bc482f720e29c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 2463
content-disposition: inline; filename="4193-4d7bd22d05cedabe.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::x9s92-1713564105857-1ec2f5a01f52
x-matched-path: /_next/static/chunks/4193-4d7bd22d05cedabe.js
etag: W/"06fb5a9bd4efdbcfe35f48f7ac1072bb"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6746-a18c7a19d78de21a.js Show response
www.biltrewards.com/_next/static/chunks/ 355 KB
88 KB 58ms
57ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6746-a18c7a19d78de21a.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0a4cd18657931f03d74198e1caf8ea073106143a7da9c1ec09c15a030bdeed58

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="6746-a18c7a19d78de21a.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::4n9bx-1713564105858-1c5e5f48942b
x-matched-path: /_next/static/chunks/6746-a18c7a19d78de21a.js
etag: W/"290f6a7998bfb14b529c9b485f28970a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 1768-51bf34deaeddb409.js Show response
www.biltrewards.com/_next/static/chunks/ 10 KB
6 KB 99ms
98ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/1768-51bf34deaeddb409.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4f157dd4961df97c742b64c6f733ddbf386ab079b8694af8b719ee57bab849cd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="1768-51bf34deaeddb409.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::8rqwz-1713564105857-ff37c4ba440b
x-matched-path: /_next/static/chunks/1768-51bf34deaeddb409.js
etag: W/"b4f09ff4161a51d36a3cb050d8aa6b10"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7008-5a200fd92aa061b0.js Show response
www.biltrewards.com/_next/static/chunks/ 76 KB
27 KB 101ms
100ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7008-5a200fd92aa061b0.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1181bac2ba7bc517e30c32f6068a1ae9e32e2aa5621ba811b24e20c2bafb5fc1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="7008-5a200fd92aa061b0.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::s8f5k-1713564105857-35f2bf4cc106
x-matched-path: /_next/static/chunks/7008-5a200fd92aa061b0.js
etag: W/"6f8605e0ab524de8ae48ba2b12eed392"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 layout.page-4bb0a80726ff943f.js Show response
www.biltrewards.com/_next/static/chunks/app/(root)/ 86 KB
28 KB 82ms
81ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/app/(root)/layout.page-4bb0a80726ff943f.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

431575775b7531e5dbdf4db1ec30b383059b08dc91a99ae1e5e112685292c015

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="layout.page-4bb0a80726ff943f.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zvb2f-1713564105857-a8c83d294298
x-matched-path: /_next/static/chunks/app/(root)/layout.page-4bb0a80726ff943f.js
etag: W/"e443423f1e16647478e3bc5ee245d1f8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 ada-compliance.js Show response
www.biltrewards.com/assets/vendor/ 2 KB
3 KB 27ms
25ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/assets/vendor/ada-compliance.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

409c45f4c5dba51089b142af082a8c9595854b2d225b02996347b00d92d2a95d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3276
content-disposition: inline; filename="ada-compliance.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::gp4hq-1713564105839-9e272a8210b5
x-matched-path: /assets/vendor/ada-compliance.js
etag: W/"3e0347161bc15628d0f698ac48a39acf"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H3 200 agent.js Show response
cdn.deviceinf.com/js/v4/ 310 KB
99 KB 80ms
42ms Script
application/javascript 2606:4700:3031::ac43:8881
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.deviceinf.com/js/v4/agent.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8881 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:45 GMT
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
age: 2030
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
server: cloudflare
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b202ymGFMZPSNkr1A0bQ3U2wNw2ykAeDAhIe7lPGx1EG1aUfPX1Um0D%2BPnn6SFZ6zFHkhMqdpQZrRBlXKDoiS%2BSn1Jet4ePFih4RshlQYxdSfqb6IuVRK4ZnLuhwq8WPgf1%2FUvI9UpNXhGJSAcLMnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87702ccdbf5a5cb0-FRA
x-amz-cf-id: UgFkK98pA2VZSRAlvg4oQ3JjoVNo2JUjxXGEdXAJrCPhWxVcFpdL7w==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 148 KB
41 KB 108ms
45ms Script
text/javascript 13.33.187.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14a0271be213a1a3d3a6067829a74f20b63c721e08ee9b6959d8e818ae19e5a0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cyJtX80iyg2m9WhH1C8iSaPfOF.8efjM
content-encoding: br
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
date: Fri, 19 Apr 2024 19:15:47 GMT
x-amz-request-id: CJPWT7WQTAKB1EZY
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
age: 10067
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: SXSLxolb4i7/sYFKv99NtV2vNBV6mqi2+tk2KhQ/xzhSwp1B+2YZr9LHB1lBUlzmzGVY3a93DXI=
last-modified: Fri, 19 Apr 2024 15:55:15 GMT
server: AmazonS3
etag: W/"52c8ec4e2ceca77fb7419c1949a377d2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: fEmq7voVE4CQR9plHDYrhIZ0kucDmI5wBh1WlxZIcR6pwcYlVxwmNg==

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
927 B 81ms
36ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f006d5392d9ceb2b14d64b27507c2c5129397b4a29bfebc9e2282c9257a6bfbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 19 Apr 2024 22:01:45 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 105 KB
43 KB 76ms
42ms Script
text/javascript 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193f70e3ef4fb576a502cd67546306e9ec798eb04db2cbb8f42e19b719f75fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 453
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"f40739130aa0cc889c7fc63c2ffe78ae"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 87702ccdbbd8a5f6-FRA
expires: Fri, 19 Apr 2024 22:02:45 GMT

GET
H2 200 fs.js Show response
id.biltrewards.com/fsedge/s/ 263 KB
72 KB 104ms
35ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/fsedge/s/fs.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ed3b2365a716dc5d7564db9d5628d6f303a27dcf6a259b48f287a135dbb8943b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 21:24:29 GMT
content-encoding: br
via: 1.1 google
age: 2237
x-guploader-uploadid: ABPtcPrN4v2X9uCDJq5vNrXjannBAinK1ZS9LSQnx17R0732wKvtWq1B7kwDxB4SY7_whOVcoxo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73052
last-modified: Mon, 15 Apr 2024 13:22:46 GMT
server: UploadServer
etag: "380d8a7f0c6efde29aadfbaeffde8d5a"
vary: Accept-Encoding
x-goog-generation: 1713187366176458
x-goog-hash: crc32c=VjwVaQ==, md5=OA2Kfwxu/eKarfuu/96NWg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 73052
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 19 Apr 2024 22:24:29 GMT

GET
H2 200 9ffa21ba-993efbed269ed6c8.js Show response
www.biltrewards.com/_next/static/chunks/ 68 KB
28 KB 31ms
22ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/9ffa21ba-993efbed269ed6c8.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-a1f39e9ab9673166.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f7884484aa93bc6ff6720b937a8a7ce4450566d1142938629258bc4027a9c685

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3274
content-disposition: inline; filename="9ffa21ba-993efbed269ed6c8.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::lxv6z-1713564105952-6dac8b778e8d
x-matched-path: /_next/static/chunks/9ffa21ba-993efbed269ed6c8.js
etag: W/"3c810242b78eb0a06af6b252cbec64cc"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 page.page-e7d85c919ea3c5c5.js Show response
www.biltrewards.com/_next/static/chunks/app/(root)/p/homepage/ 5 KB
5 KB 31ms
24ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/app/(root)/p/homepage/page.page-e7d85c919ea3c5c5.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-a1f39e9ab9673166.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1a7daf9952fc246174eb475a55d48bcd8f2a1090e2df0b5b961de948a9fec151

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:45 GMT
strict-transport-security: max-age=63072000
age: 3154
content-disposition: inline; filename="page.page-e7d85c919ea3c5c5.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::xwjv7-1713564105952-637548920481
x-matched-path: /_next/static/chunks/app/(root)/p/homepage/page.page-e7d85c919ea3c5c5.js
etag: W/"d1483828b782dde245ec00ffb8b7d428"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

POST
H2 200 / Show response
o441793.ingest.sentry.io/api/5823479/envelope/ 2 B
299 B 83ms
26ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o441793.ingest.sentry.io/api/5823479/envelope/?sentry_key=50f039ff934e419597bde8e7652fc3d8&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.99.0

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
94 KB 84ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/app/(root)/layout.page-4bb0a80726ff943f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

697b090c7524ec726d5636f8c7875ddcca65a2ef8ffe91968ff95aa88dd26b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96097
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Apr 2024 22:01:46 GMT

GET
H2 200 pixel.min.js Show response
cdn.mgln.ai/ 4 KB
2 KB 80ms
26ms Script
application/javascript 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mgln.ai/pixel.min.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/app/(root)/layout.page-4bb0a80726ff943f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ccd0c0f3d7a88ddbae1648ae059a9e2a52540e691a7af0df30e4d3b2292bbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
x-amz-version-id: Qluw.Dmpsqk5N8uDOhUTz5or_W6D3CxC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: K87P5VA8WBXGBSY8
age: 4093
x-amz-server-side-encryption: AES256
x-amz-id-2: NsZrEUVKMxjNK327HVKu7gZCeZuPXfyqyTJPnyc1BvwOshyPNki9C6dTLml32kncTRWJCjs52/M=
last-modified: Thu, 08 Dec 2022 20:53:16 GMT
server: cloudflare
etag: W/"37bf51efaf3af89068b080c2d9635113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2B%2FvOcq4AKkmB0wwQrOt0n%2Bh1OhYzMVXDf%2FdJQmMwZOV16P6bavK261YhjS8HCiQFIq5f59YKUu67eBQE2SbdKwkZgcnF2xxNWdu37m8Y48yy%2BIb0NwX3g7GSeNmIhkoHNeFj3Zz90mY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87702ccf1c840487-FRA

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/ 110 KB
30 KB 660ms
610ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/app/(root)/layout.page-4bb0a80726ff943f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9363faa774f409e51c309f43b8773285a6521a9272fac11dc96ce5c8d0ed3fd8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qWPoi0cQwXzLt_dmA6M3RgBX2UK5M.Eu
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
date: Fri, 19 Apr 2024 22:01:47 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 17 Apr 2024 00:24:23 GMT
server: AmazonS3
etag: W/"36198dd3b37bc3aff213d429695a563e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 2RdeAEYE9N3EqoRDx5lHVpoqzFM_U62v2rZ8U3zyrm4VyEfs3-98cw==

GET
H2 200 t.png
tvspix.com/ 68 B
194 B 881ms
189ms Image
image/png 52.42.237.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?&t=1713564106030&l=tvscientific-pix-o-946859a1-af7d-49da-bef5-a1dcf030077a&u3=https%3A%2F%2Fwww.biltrewards.com%2F
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.42.237.31 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-237-31.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 19 Apr 2024 22:01:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 68
expires: 0

GET
H2 200 bilt.js Show response
decagon.ai/loaders/ 3 KB
1 KB 94ms
24ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://decagon.ai/loaders/bilt.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fa10a41a8fd89e1784da2ae09f9d4f1cee48e98161e3ab35ec20cd9e2d9fba47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::lhdhk-1713564106150-3a4d89f101ec
age: 4238
x-matched-path: /loaders/bilt.js
etag: W/"653cacd6241644d8457a997c6cf05e54"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="bilt.js"

GET
H2 200 / Show response
www2.biltrewards.com/ Frame 8171 1 MB
79 KB 137ms
47ms Document
text/html 35.71.142.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.biltrewards.com/

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.71.142.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0b1d980e1f2226c6.awsglobalaccelerator.com

Software

Caddy/e970ed4 /

Resource Hash

5cfedefb95154ab787f29ec754d293534271a0fb6cb774a8557c85e738765098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 80270
content-type: text/html
date: Fri, 19 Apr 2024 22:01:46 GMT
etag: "da5b6ba89e62fb105aceb4bbc083d0cd"
last-modified: Tue, 16 Apr 2024 19:09:32 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Caddy/e970ed4
server-timing: region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="e970ed4"
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H3

200

/ Show response
id.biltrewards.com/login/iframe/userdata/ Frame A76D
Redirect Chain

https://id.biltrewards.com/login/iframe/userdata
https://id.biltrewards.com/login/iframe/userdata/

35 KB
9 KB

267ms
267ms

Document
text/html

34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/login/iframe/userdata/

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel / Next.js

Resource Hash

25c8b24643d1b21f3cceeeeb57b229f74c5c7480b1b8a4b96efabefd1e685396

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-type: text/html; charset=utf-8
date: Fri, 19 Apr 2024 22:01:46 GMT
referrer-policy: origin
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
via: 1.1 google
x-content-type-options: nosniff
x-matched-path: /login/iframe/userdata/
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::sk95t-1713564106157-a1ff08f1bd8f
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Fri, 19 Apr 2024 22:01:46 GMT
location: /login/iframe/userdata/
refresh: 0;url=/login/iframe/userdata/
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 google
x-vercel-id: fra1::8zv9m-1713564106125-4481cfb4ac7e

OPTIONS
H2 200 frontend
flags.biltrewards.com/api/ Frame 0
0 529ms
465ms Preflight 34.160.241.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://flags.biltrewards.com/api/frontend?sessionId=23070447&appName=bilt-rewards&environment=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.241.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.241.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE, CONNECT, TRACE, POST, OPTIONS, PATCH, HEAD, GET, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 19 Apr 2024 22:01:46 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 GT-America-Standard-Medium.woff2
static.biltrewards.com/fonts/ 56 KB
56 KB 88ms
21ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Standard-Medium.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 21:10:42 GMT
age: 3064
x-guploader-uploadid: ABPtcPq9vVnYQBxKefPtOsK5PAiVTOpeaiY9qVPq_dLqT4Qo_eD9nmR8W0OyQZvA-9ggo3eeiO0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57076
last-modified: Wed, 24 May 2023 18:38:03 GMT
server: UploadServer
etag: "63dc66a0acb63f7b9c52d3a1996896dc"
vary: Origin
x-goog-generation: 1684953483763390
x-goog-hash: crc32c=rAUnxg==, md5=Y9xmoKy2P3ucUtOhmWiW3A==
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 57076
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 GT-America-Standard-Regular.woff2
static.biltrewards.com/fonts/ 57 KB
57 KB 108ms
41ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Standard-Regular.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 21:10:42 GMT
age: 3064
x-guploader-uploadid: ABPtcPpsRMwoVA0cCO4lZj7SiRzxB1siC9qX07czTs00I3mHLAt2ysnd7fPto2CNuXQwUXiGvIGYagri
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-x-goog-reserved-source-generation: 1668523730209285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58164
last-modified: Mon, 20 Mar 2023 23:30:32 GMT
server: UploadServer
etag: "34faea2a319852842506af0b1871af2f"
vary: Origin
x-goog-generation: 1679355032260337
x-goog-hash: crc32c=3JtdcA==, md5=NPrqKjGYUoQlBq8LGHGvLw==
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 58164
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 rent-day Show response
www.biltrewards.com/api/ 161 B
328 B 40ms
40ms XHR
application/json 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/api/rent-day

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7b4a35f9df6a6ded8782ac6d349b07a73f079796613fe2224d7a88db6f4b8658

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.biltrewards.com/
baggage: sentry-environment=production,sentry-release=ecac476089c78122d1eccf4b67718c07df1e46ca,sentry-public_key=50f039ff934e419597bde8e7652fc3d8,sentry-trace_id=ee962b8757bd4ebcb7271bbda2193e82,sentry-sample_rate=0.025,sentry-sampled=false
sentry-trace: ee962b8757bd4ebcb7271bbda2193e82-a16e4d0690c8f65e-0
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
date: Fri, 19 Apr 2024 22:00:12 GMT
referrer-policy: origin
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::cle1::m8l5g-1713564106107-572c99832d07
age: 93
x-content-type-options: nosniff
etag: "3pfcvapbfh4h"
x-vercel-cache: STALE
x-matched-path: /api/rent-day
content-type: application/json; charset=utf-8
cache-control: public
content-length: 161
x-xss-protection: 1; mode=block

GET
H3 400 token Show response
id.biltrewards.com/public/user/authentication/ 164 B
184 B 182ms
171ms XHR
application/json 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/public/user/authentication/token
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 154a430462b5d28c1c83c50d446f0dc064ea5ef28351f47378e5d3412e630030

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
content-type: application/json;
access-control-allow-origin: https://www.biltrewards.com
x-cloud-trace-context: 1e84c460f0d0335fe184dbb4aa4c3086
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162

GET
H2 200 frontend Show response
flags.biltrewards.com/api/ 5 KB
863 B 133ms
133ms Fetch
application/json 34.160.241.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://flags.biltrewards.com/api/frontend?sessionId=23070447&appName=bilt-rewards&environment=default
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.241.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.241.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3cf9ea215fa4be40a28cc084a37252e1113ec1b33966cb7c1dd32a5aae6a690b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bilt-frontend:production.4ecbf2972c41cd20e95e223a3a8f1be63d54d659b61391749811b96e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.biltrewards.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
via: 1.1 google
etag: W/"1320-oSOObV2OApOybod6OXhY8w=="
vary: accept-encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 101ms
19ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/assets/vendor/ada-compliance.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 42abaeedae71c9c420fccb74b34dc055920e0bbac9110aae0dee4e8422b5719f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 781
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 56
x-accel-date: 1713564050
x-77-nzt: EgwBw7WqEQH3OAAAAAwBnJIhJwH33gQAAA
x-accel-expires: @1713567650
x-77-age: 1302
last-modified: Thu, 18 Apr 2024 13:46:02 GMT
server: CDN77-Turbo
etag: W/"2941b5e65272ecad24d4e43ef5e53daf"
x-77-nzt-ray: 4c1562246b5a43d3cae92266552f730b
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: s27Z04QGFujtxpt5cK2aosQpLpYhTiXxpko78uiMJWUIfsOtrbK4sw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 501 KB
201 KB 66ms
19ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 11:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Apr 2025 11:29:10 GMT

GET
H3 200 ui.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 295 KB
83 KB 69ms
45ms Script
text/javascript 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87a3392313500de980b01445d72f2f7e95bc0d26d5f938bb2f1a7ab569caf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 445
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"2ff4fae52b8ac954d5874b92987806e9"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 87702ccfbf753603-FRA
expires: Fri, 19 Apr 2024 22:02:46 GMT

GET
H2 404 / Show response
www.biltrewards.com/ 5 KB
4 KB 27ms
26ms Fetch
text/html 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

40030bd579b6f1aa692d946780383338458df1182f80d0001bc8243b608cba8c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
strict-transport-security: max-age=63072000
age: 3275
content-disposition: inline; filename="404"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::h7v7h-1713564106180-8fcf9e9a6487
x-matched-path: /404
etag: W/"bde39f87f2626cb9f90acbc891de1eb2"
x-vercel-cache: HIT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H2 200 rewards Show response
www.biltrewards.com/ 155 B
3 KB 145ms
145ms Fetch
text/x-component 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

83af429bb32f32184dc42cdbde8dcec09e19d882b86a34c7122c8a042e8ec96c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::9gntb-1713564106180-d0484162d764
x-matched-path: /rewards.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 rent Show response
www.biltrewards.com/account/ 231 B
3 KB 161ms
161ms Fetch
text/x-component 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/account/rent?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

8423187c016ed5f49cc27133ecad313a24d824b83c6e7c6293bf5880d79e9725

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::dt9ns-1713564106180-be4594467b38
x-matched-path: /account/rent.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 dining Show response
www.biltrewards.com/rewards/ 179 B
3 KB 158ms
158ms Fetch
text/x-component 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards/dining?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

8f65b44fb877472e43fea955ba239d5247e706bf698dab4082d22b3fa2f2c7cd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::x7vkg-1713564106181-710878e41c04
x-matched-path: /rewards/dining.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 travel Show response
www.biltrewards.com/rewards/ 179 B
3 KB 159ms
159ms Fetch
text/x-component 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards/travel?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

b98ee44cdcc5f0b1d60fc95a11fdec4c0f555532f4c1aac32210923b9413a469

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::kz5gs-1713564106181-7d954f4d8f67
x-matched-path: /rewards/travel.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
166 B 160ms
47ms Ping
text/plain 52.210.64.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.64.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-64-4.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 web Show response
id.biltrewards.com/fsrelay/s/settings/13PEW8/v1/ 6 KB
7 KB 154ms
154ms XHR
application/json 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/fsrelay/s/settings/13PEW8/v1/web
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: /
Resource Hash: bb86d91e3b389c31862f4b8bf4751da190f0cf386e9c1af4b193fb7f36754733

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google, 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 card Show response
www.biltrewards.com/ 2 B
3 KB 31ms
31ms Fetch
application/json 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/card?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
date: Fri, 19 Apr 2024 22:01:46 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 3275
content-disposition: inline; filename="card.rsc"
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::h7v7h-1713564106220-dd2bf04098ed
x-matched-path: /card.rsc
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-vercel-cache: HIT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 204 init Show response
mgln.ai/ 0
1 KB 126ms
117ms XHR
text/plain 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/init

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D
x-request-id: d82c8de2-f768-42d1-ab5e-e7c97ab5cd03
x-runtime: 0.000862
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 87702ccfed1f0487-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
87 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10874839969&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da3554374a37dd00f0777ad0556c3cc1cc1492dd2b18566c8a7071b3acbf12d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88464
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Apr 2024 22:01:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
95 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QLSYZKSM0E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f8103066984fbd6221e75c58ce13db7a2e5cf6da89a29032033a457141d29c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Apr 2024 22:01:46 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 77ms
18ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Feb 2024 20:38:48 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "9a680c8c475d8bba600d4d87b4fa7ee5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8702

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 178ms
121ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G398RC77U9N0P9KPM0&lib=ttq
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 186539724274286a5c49371f8ce34a23e0aa73191a43b410e3845ef8924ec409

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1c53ba04
date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404192201468EAD40842C80E7F92CE2-6F7A00B26603ACBA-00
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=95
content-length: 2157
pragma: no-cache
server: nginx
x-tt-logid: 202404192201468EAD40842C80E7F92CE2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,104.126.37.143
x-tt-trace-host: 0104c902ee5e7ef4b00cd2382972ed8e6c7e140cfc35c76174c0f3362da818480435f25f286b6411d6729dae002589cc4d7a3312ab616b887e144f552aba18b8f671160172836bb024ecdb86d28d4af7017d43c4d929ea26521e8d58ab2d2ed633
expires: Fri, 19 Apr 2024 22:01:46 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 172ms
113ms Script
text/javascript 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cc94fe0318ee1d66fb09b079a03c1ca64c0daf3c303fd98a32aa0ee7951b7d33

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 19 Apr 2024 22:01:46 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 b-00ri.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 82ms
23ms Script
application/javascript 2600:9000:275d:f400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/b-00ri.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:f400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b220223a8800d05dc359ab6bd8cb71e35cf06dde9bedc2f5d9014df3b1e4e1ac

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 16:28:08 GMT
content-encoding: gzip
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 20018
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: L3q_1wOSUORyENW2GVyV1ypy2wP-DimpXE7n4xer39ulPrsBVLAKdQ==

GET
H2 200 chunk-IVGDQOPF.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 8171 563 KB
166 KB 104ms
51ms Script
text/javascript 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-IVGDQOPF.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

eb1ffeccaf95fde9ecf145e4ea93852a46e7d42b04d38ec858b891c5f6dfd8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 19:26:22 GMT
x-amz-version-id: 8oKJtm.34dMQ_1Z743w8KeFclSocvgYK
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 268525
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="C7qbEpj3Mke4-CwOuoaI9NkMlduFDoTipl0jWjeUQuBuwBdSZIsdqQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Apr 2024 19:09:30 GMT
server: CloudFront
etag: W/"afe18f4837ff901db978e3860b5b8f04"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: C7qbEpj3Mke4-CwOuoaI9NkMlduFDoTipl0jWjeUQuBuwBdSZIsdqQ==

GET
H2 200 chunk-ELYU6EKT.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 8171 447 B
1 KB 137ms
84ms Script
text/javascript 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-ELYU6EKT.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Jan 2024 02:31:13 GMT
x-amz-version-id: KBor7BFQn_pp2zxPGsA.bi5b6hyTs2yW
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8191834
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="VUpfyTz0Xh6z2VtfW3MQ1AMay7CGJmEcbcOhATIWMD_hE7sVkJbWJQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 447
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 18:18:07 GMT
server: CloudFront
etag: "bac0d5b5f6a61029b51079932ccda746"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VUpfyTz0Xh6z2VtfW3MQ1AMay7CGJmEcbcOhATIWMD_hE7sVkJbWJQ==

GET
H2 200 o5nx0y8gL9Q5XpEnTWw73jqlBv_82EBxcsRZtTau1_8.UVF2TTJC.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 8171 723 KB
103 KB 133ms
86ms Script
text/javascript 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/o5nx0y8gL9Q5XpEnTWw73jqlBv_82EBxcsRZtTau1_8.UVF2TTJC.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e310d272bb05b8caa31f4ec6de5437bfbd04800535c9069fa58550a911612ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 19:15:38 GMT
x-amz-version-id: _y1dlbWA1QfAM03AVP9Kw3OtIPLPr5Ay
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 269168
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="wV-zCZdJEIeil9HcEAzPN522hnlljW_MeTwDCVKOg3IPxHdvlTHaMQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Apr 2024 19:09:30 GMT
server: CloudFront
etag: W/"0ad570e3afd63a4d636754544e6c7b9f"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: wV-zCZdJEIeil9HcEAzPN522hnlljW_MeTwDCVKOg3IPxHdvlTHaMQ==

GET
H2 200 chunk-YMXEJLDD.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 8171 700 B
2 KB 132ms
85ms Script
text/javascript 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-YMXEJLDD.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

1d6ec88f567df6145ff31cc4f634d8c576965b5572838f97f9de77af6c3d3239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 07:46:54 GMT
x-amz-version-id: kqrsrKuANINZi08S3mJ7cUCGizvoSq7Y
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 6272093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="zn0RXkf-yO-XGXUumMsghQNgUTuu9kRwkbyQown6Wc0O1K-Qe3KU1w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 700
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Feb 2024 17:06:44 GMT
server: CloudFront
etag: "f2a1f09b1f23f395f4d6d7dd9f39d37b"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zn0RXkf-yO-XGXUumMsghQNgUTuu9kRwkbyQown6Wc0O1K-Qe3KU1w==

GET
H2 200 chunk-42U43NKG.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 8171 44 B
959 B 157ms
110ms Script
text/javascript 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-42U43NKG.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 Nov 2023 16:55:56 GMT
x-amz-version-id: evlVAxy7o1HEHfkTxbxNsM7i9okrmm0E
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 12200751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="FSrJ8vDonIr9CY70F6MvRTcCVZIdgowPLnu3F_DxAa44E7NJ8Nzx0Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Nov 2023 16:29:22 GMT
server: CloudFront
etag: "f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FSrJ8vDonIr9CY70F6MvRTcCVZIdgowPLnu3F_DxAa44E7NJ8Nzx0Q==

GET
H2 200 fs.js Show response
id.biltrewards.com/fsedge/s/ Frame 8171 263 KB
0 1ms
1ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/fsedge/s/fs.js
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ed3b2365a716dc5d7564db9d5628d6f303a27dcf6a259b48f287a135dbb8943b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 21:24:29 GMT
content-encoding: br
via: 1.1 google
age: 2237
x-guploader-uploadid: ABPtcPrN4v2X9uCDJq5vNrXjannBAinK1ZS9LSQnx17R0732wKvtWq1B7kwDxB4SY7_whOVcoxo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73052
last-modified: Mon, 15 Apr 2024 13:22:46 GMT
server: UploadServer
etag: "380d8a7f0c6efde29aadfbaeffde8d5a"
vary: Accept-Encoding
x-goog-generation: 1713187366176458
x-goog-hash: crc32c=VjwVaQ==, md5=OA2Kfwxu/eKarfuu/96NWg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 73052
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 19 Apr 2024 22:24:29 GMT

GET
H2 200 widget_app_base_1713447826466.js Show response
cdn.userway.org/widgetapp/2024-04-18-13-43-46/ 152 KB
43 KB 72ms
25ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/widget_app_base_1713447826466.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3421661732cef957fe1c4ceeec168e5bba75f034d4977c564443c9e85a96caff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 944
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114042
x-accel-date: 1713450064
x-77-nzt: EgwBw7WqEQH3er0BAAwBJRPCLgH3OgQAAA
x-accel-expires: @1739368982
x-77-age: 115124
last-modified: Thu, 18 Apr 2024 13:45:56 GMT
server: CDN77-Turbo
etag: W/"b8ff832ad352b5636d397b2df764702f"
x-77-nzt-ray: 4c156224336ea7d4cae922666716a511
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: W2rnq7mGcMG5FJjdqvCVCR3Osz421S67oktl9XIF38OeiJPnmDfS5Q==

GET
H2 404 terms
www.biltrewards.com/ 29 B
0 877ms
875ms Fetch
text/html 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/terms?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
date: Fri, 19 Apr 2024 22:01:47 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
x-imgix-id: 8aaa2e3a4d9b8d892480bc4eb750f61cd43dad13
x-status: MISS
content-length: 29
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10028-SJC, cache-fra-eddf8230048-FRA
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::h7v7h-1713564106254-78418a82338b
vary: Accept-Encoding
content-type: text/html,text/html
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
cf-ray: 87702cd03d224d38-FRA
timing-allow-origin: *

GET
H2 200 script Show response
events.framer.com/ Frame 8171 16 KB
16 KB 443ms
389ms Script
text/javascript 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/script
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash: 03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 15882
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6622e9ca-6e4408ce6f5d78921107bd8f
x-amzn-requestid: cfa6d548-56ff-484d-bcb9-8f9d4f701120
x-cache: Miss from cloudfront
content-type: text/javascript
timestamp: Fri, 19 Apr 2024 22:01:00 GMT
x-amz-apigw-id: Wfl3sFRqIAMEnxA=
content-length: 15882
x-amz-cf-id: JO8UaTxyy7c9GUPSNeJa-xq44MqLBx1e4G5X_hC_Zc3TIJ2z6oNx3g==

GET
H2 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame 8171 176 KB
177 KB 108ms
64ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9643496
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Xr4jJfOrLoya2W-y-rBHU57DwTmFkRejKzXMTj7dxeEh3tG5maV_sg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Xr4jJfOrLoya2W-y-rBHU57DwTmFkRejKzXMTj7dxeEh3tG5maV_sg==

GET
H2 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame 8171 74 KB
75 KB 73ms
37ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9593996
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="XKSvRcPK__EvDOwLgeYNjtdgOXhokLyE-V2T2AMz4evx10v3uZklJw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XKSvRcPK__EvDOwLgeYNjtdgOXhokLyE-V2T2AMz4evx10v3uZklJw==

GET
H2 200 LqDnnljXEwgpUOKntxS1EWW6Rg.woff2
framerusercontent.com/assets/ Frame 8171 62 KB
63 KB 126ms
98ms Font
application/octet-stream 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/LqDnnljXEwgpUOKntxS1EWW6Rg.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b758c20d70f6b20fa85f31c23b9dea1ad5551a1cfd9ed56485c63cc592b2a15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 11 Dec 2023 19:43:08 GMT
x-amz-version-id: 2K1KJcp0J5ZC8eipZGka2Zx75YaYhk90
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11240318
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="GNfX2f5kyBHHSkBZIKSTQqOM6sKADWB5Szoj4lMAm13TMV5xZebbtg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
content-length: 63328
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:11 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "c2d37cba33fee33551bad2907242eab9"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GNfX2f5kyBHHSkBZIKSTQqOM6sKADWB5Szoj4lMAm13TMV5xZebbtg==

GET
H2 200 ZOQnZ28bo7qibfKtLjS7lnsO4~aPaqOZNJkxYT2qc_-WAEnT8sEAw10p7tnZdSX4PzEH4.woff2
framerusercontent.com/modules/assets/ Frame 8171 57 KB
58 KB 53ms
25ms Font
application/octet-stream 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/assets/ZOQnZ28bo7qibfKtLjS7lnsO4~aPaqOZNJkxYT2qc_-WAEnT8sEAw10p7tnZdSX4PzEH4.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ae3cd625206f3b22398ce3e5ffcc22c2a6ff95a535e7c4addbfb7e7e2d146ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 22:33:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 257325
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="cSVG7DeQ8zGcNHruPWE4bo6R9tN3d4kSHdQCSONyZIl86d0ZGJCnfg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 58660
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: deny
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept
timing-allow-origin: *
x-amz-cf-id: cSVG7DeQ8zGcNHruPWE4bo6R9tN3d4kSHdQCSONyZIl86d0ZGJCnfg==

GET
H2 200 s15i8VNMBMOyVBn9RdA2jtEVxk.woff2
framerusercontent.com/assets/ Frame 8171 61 KB
62 KB 133ms
105ms Font
application/octet-stream 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/s15i8VNMBMOyVBn9RdA2jtEVxk.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9dd316606967a03abedcf35c83300f9763241b13a2066f67dabff0573def70e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 08 Oct 2023 21:54:56 GMT
x-amz-version-id: QzjntSJQOtTLeMbw9KBGRRx4g5m0iW0c
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 16762011
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="5A6p6OtUAaYJW0FpjPIJikMJjf2VAv4_cILjDc01MGTEkZMV-r2Wbw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 62460
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:09 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "5fff9cfbc052741b83f04fadc035af87"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5A6p6OtUAaYJW0FpjPIJikMJjf2VAv4_cILjDc01MGTEkZMV-r2Wbw==

GET
H2 200 9vZ4CFUb3rKQR5PiFoCAG4XK9ds~OMnLjX5KG42fbQ9CabmPYWfngmsLKfBkxrst4820Nz8.woff2
framerusercontent.com/modules/assets/ Frame 8171 56 KB
56 KB 136ms
108ms Font
application/octet-stream 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/assets/9vZ4CFUb3rKQR5PiFoCAG4XK9ds~OMnLjX5KG42fbQ9CabmPYWfngmsLKfBkxrst4820Nz8.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ff65c7581b6b14184d2d6ab9ebe9416b06fcbb86c3a7a32ca30b3bc7871256a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 16:03:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2095069
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="vR5ohJB9l_gHX8RNVySkz8neW-9HyuX2Sl5kKtLWxY8Pyn88NxWhfg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
content-length: 56856
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: deny
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept
timing-allow-origin: *
x-amz-cf-id: vR5ohJB9l_gHX8RNVySkz8neW-9HyuX2Sl5kKtLWxY8Pyn88NxWhfg==

GET
H2 200 Bxu6GY24oplllZd0X0beaOpeu1Y.png
framerusercontent.com/images/ Frame 8171 33 KB
34 KB 95ms
93ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Bxu6GY24oplllZd0X0beaOpeu1Y.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 21:04:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 17629057
x-amzn-requestid: 47a703ad-c5a4-4663-a7ca-41b0215b5529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="fhUi9HvgSTQJYHfF9kTylW511NOOtY4Y5sZgPWvZF_gM2tf3a-ccgg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515ea49-22781c72779d140e4acf41d7;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fhUi9HvgSTQJYHfF9kTylW511NOOtY4Y5sZgPWvZF_gM2tf3a-ccgg==

GET
H2 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame 8171 39 KB
40 KB 98ms
96ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

64ee05b98a022eb8e7c5f531342a77e8265378f08c4665c90e0b0ca953373b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11056426
x-amzn-requestid: ac6a76f4-935a-4fe5-8b35-27cf98ada30c
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="qMo2mkXTIJnq6MRDUsxDdADhgGYGxsGZvZSA2r56ADXNndW83SyrxA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-5adfee7741d945b93610ede9;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qMo2mkXTIJnq6MRDUsxDdADhgGYGxsGZvZSA2r56ADXNndW83SyrxA==

GET
H2 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame 8171 14 KB
14 KB 99ms
98ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11056426
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="j8F18ppqSjH7GTpI5CbBap5e1JkN-d4Z7MtxTp_VmfubwXp9F23Byg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: j8F18ppqSjH7GTpI5CbBap5e1JkN-d4Z7MtxTp_VmfubwXp9F23Byg==

GET
H2 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame 8171 3 KB
3 KB 107ms
105ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11056436
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Htk0AA79CfkwvLcD43gp_Uzk4K1FvZG6LajD2kOiHZDRpTJ0YTTuUw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Htk0AA79CfkwvLcD43gp_Uzk4K1FvZG6LajD2kOiHZDRpTJ0YTTuUw==

GET
H2 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame 8171 36 KB
36 KB 102ms
101ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11056425
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="JWP1tSRf6IejxkOFXs90RGDQlatEjBJP405BXKll1xgjnVk31k0TlQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JWP1tSRf6IejxkOFXs90RGDQlatEjBJP405BXKll1xgjnVk31k0TlQ==

GET
H2 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame 8171 37 KB
38 KB 103ms
102ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11412631
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="IkF3-EExmUPHPChBKfjojb1CPdTkwATlgN-mG35mBj6Y5ZP2r-s9Kw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IkF3-EExmUPHPChBKfjojb1CPdTkwATlgN-mG35mBj6Y5ZP2r-s9Kw==

GET
H2 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame 8171 69 KB
70 KB 108ms
106ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11412631
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="YFQn1IZmqBJpv-AemUStQL3eyaUeit1GfaamQcx5TKScxDJydyzoyA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: YFQn1IZmqBJpv-AemUStQL3eyaUeit1GfaamQcx5TKScxDJydyzoyA==

GET
H2 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame 8171 45 KB
45 KB 114ms
113ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11056425
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="gIAWHOMwPTc4oqF2T9knem5la7c-W9hGg1JKX1lx0NRi9xKZY9AVzw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gIAWHOMwPTc4oqF2T9knem5la7c-W9hGg1JKX1lx0NRi9xKZY9AVzw==

GET
H2 206 ysCNtc4urbg6XoahxtFjQ5iM.mp4
framerusercontent.com/assets/ Frame 8171 1 MB
0 150ms
149ms Media
video/mp4 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/ysCNtc4urbg6XoahxtFjQ5iM.mp4

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://www2.biltrewards.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 21 Feb 2024 19:18:05 GMT
x-amz-version-id: ZGpzvVL52zWME_U_sZUF.yLajT1DjUei
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 5021022
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
Content-Range: bytes 0-7171940/7171941
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="crNxyr2kTQgpqmbi7gSzKDYW-QyITH4ni7fngU-bFxUJNzqArc_OjQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
Content-Length: 7171941
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 19:00:48 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "007bb0d7a6f76537bc66283ea97c56f3"
x-frame-options: deny
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: crNxyr2kTQgpqmbi7gSzKDYW-QyITH4ni7fngU-bFxUJNzqArc_OjQ==

GET
H2 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame 8171 24 KB
25 KB 118ms
116ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11056425
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="OrPRSUqfC132VALdzKNKlbenselpKRZVSWFGg3XBI_PN2TP97fAZ1w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OrPRSUqfC132VALdzKNKlbenselpKRZVSWFGg3XBI_PN2TP97fAZ1w==

GET
H2 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame 8171 25 KB
26 KB 119ms
118ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11412631
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="_rVJVFdCOoJy0M2bR8SGTQJOrgA-a9YsadSYrYvJUh1_UjGQYpxaqQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _rVJVFdCOoJy0M2bR8SGTQJOrgA-a9YsadSYrYvJUh1_UjGQYpxaqQ==

GET
H2 200 wkMxGLA0wVGsaSgWt2doW86Zic.png
framerusercontent.com/images/ Frame 8171 31 KB
32 KB 120ms
119ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wkMxGLA0wVGsaSgWt2doW86Zic.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11056425
x-amzn-requestid: ba6827ad-aabc-411e-9dc2-dfa723dd0780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="oWxsROIyUlJgrtbrhtfj1e6E3R7tw4v7yvWEsWKILq_ceObvsyDUbw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-644b15642b1ea7fc78e9b405;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: oWxsROIyUlJgrtbrhtfj1e6E3R7tw4v7yvWEsWKILq_ceObvsyDUbw==

GET
H2 200 UPxnowvsa2Fbt3lp5oDDFXRjROc.png
framerusercontent.com/images/ Frame 8171 32 KB
33 KB 148ms
147ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/UPxnowvsa2Fbt3lp5oDDFXRjROc.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11580461
x-amzn-requestid: e03300e0-9cad-43fc-8ab6-de726d6b5f30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="6HgA0-g7H9aKv6Y26u1dPwgLJF3VV2dm04skZXoY4qEdHjjGGCxdiw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-765ffb934b7dbe1f748e348d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6HgA0-g7H9aKv6Y26u1dPwgLJF3VV2dm04skZXoY4qEdHjjGGCxdiw==

GET
H2 200 2Zx97veGwo826dqlIbR2hMKiY.png
framerusercontent.com/images/ Frame 8171 85 KB
86 KB 120ms
119ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2Zx97veGwo826dqlIbR2hMKiY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Dec 2023 23:57:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11743448
x-amzn-requestid: c6578a5d-2b8c-483a-ac9d-b78066b234a7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="NCezgbmXnQXSxDfbuguqfFzEEDdFHZaMXMU6Oc8SQOY-tYEnrRAWVg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-656fb8f2-1a3284985a17b98d6b56e9b6;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: NCezgbmXnQXSxDfbuguqfFzEEDdFHZaMXMU6Oc8SQOY-tYEnrRAWVg==

GET
H2 200 i6iRuC8inkOu49dyb2cMx7KLX9o.png
framerusercontent.com/images/ Frame 8171 32 KB
32 KB 123ms
122ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/i6iRuC8inkOu49dyb2cMx7KLX9o.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11580462
x-amzn-requestid: d1276dde-ce3c-43b3-bdf2-19fb56353b67
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="XldahmkUBwYFUsS_OnHlSZTBA2gCfrQaYSb0H-pwtkXnlmIHEshqPw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-6d94249e4d78cc9c47e01d91;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XldahmkUBwYFUsS_OnHlSZTBA2gCfrQaYSb0H-pwtkXnlmIHEshqPw==

GET
H2 200 4Um58dLygSHRrlUbzVAaCiPfHeE.png
framerusercontent.com/images/ Frame 8171 61 KB
62 KB 145ms
144ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Um58dLygSHRrlUbzVAaCiPfHeE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 02:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10955645
x-amzn-requestid: 76e437ee-349e-4296-8605-83da030eb99b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="VkCbLxmG0hc11zKJe2vRIS39Q-uSCNNqMFkVl_gkML7nVCSQri_RuA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657bbe4d-6fba888c030366654cd8e9e2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: VkCbLxmG0hc11zKJe2vRIS39Q-uSCNNqMFkVl_gkML7nVCSQri_RuA==

GET
H2 200 OwD5vj1mJJkrw8fQ4TLBsZu7VY.png
framerusercontent.com/images/ Frame 8171 67 KB
68 KB 148ms
147ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OwD5vj1mJJkrw8fQ4TLBsZu7VY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11056424
x-amzn-requestid: 78b339dd-e4b5-456c-bb1c-74370a5115ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="5OdhZZJZKCnA6sEYFQo1eOlFyULEaM2MDJsKs88KD3ROWufJDnpYZg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-47094d6076a345a112379c31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5OdhZZJZKCnA6sEYFQo1eOlFyULEaM2MDJsKs88KD3ROWufJDnpYZg==

GET
H2 200 6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ Frame 8171 214 B
986 B 146ms
145ms Image
image/svg+xml 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jul 2023 10:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 24667246
x-amzn-requestid: cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Rgv1Qi0Qpm3Vsp9waI5MWXYR4YbinikFR7QfTG98fJrMI8ogkNnAqw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Rgv1Qi0Qpm3Vsp9waI5MWXYR4YbinikFR7QfTG98fJrMI8ogkNnAqw==

GET
H2 200 11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ Frame 8171 215 B
992 B 147ms
146ms Image
image/svg+xml 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 12:09:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 12131531
x-amzn-requestid: f927c207-5d43-4a31-84ec-0d06d0c63c6a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="yGgIOH-yn2zWpkQGjvDTLHd6fQhZAPq5TfzzgiZ2CHvqhoMdLfTsGw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6569ccff-42414f1e2713071463b83623;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: yGgIOH-yn2zWpkQGjvDTLHd6fQhZAPq5TfzzgiZ2CHvqhoMdLfTsGw==

GET
DATA 200
OK truncated
/ Frame 8171 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6162a259efcc903ece88a8301a46b44e3a77c220b3752c01eb02caa0af358870

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab32bc58349446cd3c8761af45640b13ed01073a6553e5779a9b03852d591ca4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea9ed2f612e41fcd700060fad5eff94165c56fb549e6334173177b4a540a5a9d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5b3b178dc8df3767511096744a36ee3edcee7ed62be5f8504244e6b70cf7398

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 406 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 990fba98068c77b0616f1d04a1df3ae1e0b6a0fe19809beb34864ab99044ba78

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8qn5SJXAslrGaAAxdWjJDc6gng.woff2
framerusercontent.com/assets/ Frame 8171 47 KB
48 KB 56ms
46ms Font
application/octet-stream 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/8qn5SJXAslrGaAAxdWjJDc6gng.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b02546b57554da630a4827a7755b1f72d22374513f811dc0590ebe942758cbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 12:32:13 GMT
x-amz-version-id: Uo2HPioSZt72O.VWi6F9mEBTdQw0j0ck
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10920574
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="9TZJt_mZxlU7JlFpiIcMhfZgCHC00-XSh3lN2MoRLkgQHw8UR4b_MA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 48256
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:11 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "425ac390cb52f1e99c8b61faa7e6a235"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9TZJt_mZxlU7JlFpiIcMhfZgCHC00-XSh3lN2MoRLkgQHw8UR4b_MA==

GET
H2 200 0iJMoAt43UHHN4iZwJ9BRySDSfM.woff2
framerusercontent.com/assets/ Frame 8171 57 KB
58 KB 56ms
47ms Font
application/octet-stream 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/0iJMoAt43UHHN4iZwJ9BRySDSfM.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 12:32:12 GMT
x-amz-version-id: AT_2BH0O2V6cPJxPyzU1of5S3JbluJW3
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10920575
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="KxuiJq63m4NPu7ETWHvUjS_h3wo3tqoYlU74oL2LDRcSws24qnG7rA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
content-length: 58164
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:09 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "3a1c34d491e0f22ddcce5ef4225fc4e4"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KxuiJq63m4NPu7ETWHvUjS_h3wo3tqoYlU74oL2LDRcSws24qnG7rA==

GET
H2 200 ZIA17DG79ouXlfoQjamRRhk3cc4.woff2
framerusercontent.com/assets/ Frame 8171 56 KB
57 KB 58ms
49ms Font
application/octet-stream 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/ZIA17DG79ouXlfoQjamRRhk3cc4.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 08 Oct 2023 21:54:56 GMT
x-amz-version-id: 2bAIUvN.lJv0IRflfgk7e39O0NwsKLB9
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 16762011
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="6EBWMdecnSru1z0-HZQoV-s4eKwo0jfazzr5r-f8h7E_1dWzNlOQQg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 57076
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jun 2023 17:17:03 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "ee4103e3d2fcb9bd36adc839b2456f83"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6EBWMdecnSru1z0-HZQoV-s4eKwo0jfazzr5r-f8h7E_1dWzNlOQQg==

GET
H2 200 GT-America-Extended-Bold.woff2
static.biltrewards.com/fonts/ 63 KB
63 KB 25ms
25ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Extended-Bold.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4b0bb6d8a058a42f5caa03df8bb35b72fed5a1987f6e10602ceb384ddb10d41a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 21:37:44 GMT
age: 1442
x-guploader-uploadid: ABPtcPrYocxMk0NPThktBglP3W6QdsMqxlJJMfPwJUyIi7Emv98OvGBRGCHyswUzbJO24NRCnvs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-x-goog-reserved-source-generation: 1668523728054486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64096
last-modified: Mon, 20 Mar 2023 23:30:33 GMT
server: UploadServer
etag: "62d21cb9a8474aa65c284dc0af48bc30"
vary: Origin
x-goog-generation: 1679355033778551
x-goog-hash: crc32c=ri+bug==, md5=YtIcuahHSqZcKE3Ar0i8MA==
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 64096
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 xCQC3Wupbo8m3lPpUkDhzX5YD4.png
framerusercontent.com/images/ Frame 8171 61 KB
62 KB 83ms
74ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/xCQC3Wupbo8m3lPpUkDhzX5YD4.png?scale-down-to=1024

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 08:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 13442128
x-amzn-requestid: 9b6a1016-27a4-4c1c-bf6c-4dd5244f6e72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="6XV3QoRYI-3BWBe_DspCm9a3NCSkmrDFqjwHk-BzzXFDnYg_qAfC-A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6555cd7a-72716d0321980bee33a7f28e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6XV3QoRYI-3BWBe_DspCm9a3NCSkmrDFqjwHk-BzzXFDnYg_qAfC-A==

GET
H2 200 7dgusnBALjfsS0yucyysUvo9a8o.jpg
framerusercontent.com/images/ Frame 8171 97 KB
98 KB 82ms
73ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7dgusnBALjfsS0yucyysUvo9a8o.jpg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 4938349
x-amzn-requestid: f79f9e01-484c-4a08-bdbc-c2fddeffb140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="WAQd_sbW4hAJjJbZU6bHzlA_TUGyVKUNGsKeutbC_S86jJugOoDOrQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65d78f5d-62e6045614e49c90304ec543;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WAQd_sbW4hAJjJbZU6bHzlA_TUGyVKUNGsKeutbC_S86jJugOoDOrQ==

GET
H2 200 NI61TIlpX6TJbklIpHSie2tEpGE.png
framerusercontent.com/images/ Frame 8171 65 KB
66 KB 83ms
74ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NI61TIlpX6TJbklIpHSie2tEpGE.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 Nov 2023 10:28:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 12483193
x-amzn-requestid: 413005f5-e144-4729-aaee-163700256cfb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="3pdDrsysdCywvkn8R81TBxSEZxdYxWJIvj-1ciNGWfmQwv3Ho79OTA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65646f51-5dc48f8225829ec367f04792;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3pdDrsysdCywvkn8R81TBxSEZxdYxWJIvj-1ciNGWfmQwv3Ho79OTA==

GET
H2 200 emCFcnwNiMYScIxwr45IJOzQLg4.png
framerusercontent.com/images/ Frame 8171 5 KB
6 KB 83ms
73ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/emCFcnwNiMYScIxwr45IJOzQLg4.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b7b8ac25904dcb445701b5d1efa127727723d8d9e7f440457f12ca5d3b26c9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1390400
x-amzn-requestid: 75f1e76e-20fc-4823-8017-c428c2130abc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="KZaLoBbXBVdigVvEv04_txqYCg45MsVLxWG4kVUnnK6banbrUfOTKA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db289-383c080d3bfe679a0b020e02;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KZaLoBbXBVdigVvEv04_txqYCg45MsVLxWG4kVUnnK6banbrUfOTKA==

GET
H2 200 B2j04d4DELSVPqW3pu2DeFzMZU.png
framerusercontent.com/images/ Frame 8171 5 KB
6 KB 83ms
73ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/B2j04d4DELSVPqW3pu2DeFzMZU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b27e2ff6dcd76549f2f66acf69dbcc8a5dcc53af127a14ac4e5d33adcd18cde7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1390384
x-amzn-requestid: b23c1655-2496-4d6d-ba25-b5575ea0ccd8
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="5XEW2PkSrb-gcWNBiLC7nslMM0_hlLvfQmhZNsKSXQNnDP0HKxaRBA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db299-77502d3d29d3b3ed0817ab4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5XEW2PkSrb-gcWNBiLC7nslMM0_hlLvfQmhZNsKSXQNnDP0HKxaRBA==

GET
H2 200 f2fwl12tvW9YGosVlJxHf8yLgk.png
framerusercontent.com/images/ Frame 8171 5 KB
6 KB 83ms
74ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/f2fwl12tvW9YGosVlJxHf8yLgk.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4fd7bdd78f1e54f45a4a21f57679cb6fdf3aee47a8d71dd8852a4193eb9c4b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1390338
x-amzn-requestid: e9e15c28-6c87-4076-9450-45e5a8522d05
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="xbHoYkMqWFSY4XocwTUxtivbfyCvOFigWOoQNAjTrs3OJr8ci3W8Sw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db2c6-198fe3572d1549c7708610ba;parent=7e93a6060e332e86;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xbHoYkMqWFSY4XocwTUxtivbfyCvOFigWOoQNAjTrs3OJr8ci3W8Sw==

GET
H2 200 XjelGy0AgZXWBtmYgQFM6So2cZU.png
framerusercontent.com/images/ Frame 8171 25 KB
26 KB 84ms
75ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XjelGy0AgZXWBtmYgQFM6So2cZU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 17:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 17640232
x-amzn-requestid: c346a2e6-eb2d-43fb-9561-2d4dd1b33b36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="F0D7s0uLVGFPWfmnA0PCohsHKxh375hLlRUqZTndi3V5NiW7UyeQ5g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515bea2-249c5b1462b996922d6bdf1c;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: F0D7s0uLVGFPWfmnA0PCohsHKxh375hLlRUqZTndi3V5NiW7UyeQ5g==

GET
H2 200 ViCoXi9FWxoh8GjbX1a14g7pZX0.png
framerusercontent.com/images/ Frame 8171 13 KB
14 KB 83ms
74ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ViCoXi9FWxoh8GjbX1a14g7pZX0.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e87381db0061a8a04fd758811bef1906a0f760d8de5bbde1c25f7a7bccdf7f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: d01e4eb0-6340-474b-80c0-55b1115de58d
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="1AKtqFU3EQOWWbrILZE4G-tf7HwG13GNrxRw0vmMS4GHoZVxMluxcA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-2f26307d46f6186b2c4f1c6f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1AKtqFU3EQOWWbrILZE4G-tf7HwG13GNrxRw0vmMS4GHoZVxMluxcA==

GET
H2 200 8ibs6KgHYOJb6Y4lzhBQsszTRc.png
framerusercontent.com/images/ Frame 8171 3 KB
4 KB 90ms
82ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/8ibs6KgHYOJb6Y4lzhBQsszTRc.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10bd3d0e3bef262fe02d35fa3c3153a291e8d8c88625ef4c23882006270f76e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: ffd0bfc1-7f2f-4fc7-9acd-1f5586c76ef5
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Nkl_HRNzBzbtG72HJz7-HUzhFNcuXN5wQcH2mqJr0guGNnnJrk9bPA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-03e2c9b96a32f4f633f203de;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Nkl_HRNzBzbtG72HJz7-HUzhFNcuXN5wQcH2mqJr0guGNnnJrk9bPA==

GET
H2 200 MxRklazzy1Emai1IjUOn2ORYq8.png
framerusercontent.com/images/ Frame 8171 3 KB
4 KB 83ms
74ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/MxRklazzy1Emai1IjUOn2ORYq8.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

65b1970ad0056e9f872f541b8684eaac58af3f4e6af9e8cc46dbba0547aa12f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 9cd05eb4-56cd-4d14-b26b-e05bd67413ad
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="oDlnN5xIN4htctl405jSXTZ7nwgsWGOxaQX_lyQjrNAfpkHnH1mjFw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-59c8d8ec74b1187037153698;parent=41ead940dd0ae5a0;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: oDlnN5xIN4htctl405jSXTZ7nwgsWGOxaQX_lyQjrNAfpkHnH1mjFw==

GET
H2 200 wiRNqk3Xr49CYkBPQk79io2TT1g.png
framerusercontent.com/images/ Frame 8171 5 KB
6 KB 83ms
75ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wiRNqk3Xr49CYkBPQk79io2TT1g.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4242cb0d811aa58c2c1346e393e3f32eabeea6a8b111505ba9d455c519af0a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 88b07d04-c4a8-44bb-840f-bdf84f29aeb9
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="n5Lz2wNjG1eY6ySpDq-yj03FTH7Gr1J5z7N3gatk3VjT_PyHQZsGbQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-26424c4d5df73fe80d2cad86;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: n5Lz2wNjG1eY6ySpDq-yj03FTH7Gr1J5z7N3gatk3VjT_PyHQZsGbQ==

GET
H2 200 5JsrF9pUWaXrgy50k6xEWQpJoxA.png
framerusercontent.com/images/ Frame 8171 15 KB
16 KB 83ms
75ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/5JsrF9pUWaXrgy50k6xEWQpJoxA.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

351ec7eaa47a100223c28f83fcc130fcc711cd585cffcb2e5a13c7aa8c7797e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:19:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388550
x-amzn-requestid: 35fcf2c5-9113-4835-87c2-1e3607d7236e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="QCqnL7AmIGw8LjxETUnGYNvyQ5Ab_yjDaLXHUewgeyNnun7VOwuznQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db9c4-7ddc3b4d0ce00a876eb737c8;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QCqnL7AmIGw8LjxETUnGYNvyQ5Ab_yjDaLXHUewgeyNnun7VOwuznQ==

GET
H2 200 ftPWeWr9bdX4s1UGa0CgDGwo6Q.png
framerusercontent.com/images/ Frame 8171 6 KB
7 KB 83ms
75ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ftPWeWr9bdX4s1UGa0CgDGwo6Q.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8e8aeadc29c7a5c988fd6d12f6e2ab09da8e7c266eb92662c88e5485f7ca6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 0e9e4021-dc89-4725-ac4b-63158ac32908
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="saAv5dewtxJUNy53SeBNnXSeQY0zG1N5ieq9u8nLyyCFQB4Ohf9DVA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-616f85da7187310d38aa6717;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: saAv5dewtxJUNy53SeBNnXSeQY0zG1N5ieq9u8nLyyCFQB4Ohf9DVA==

GET
H2 200 aFXvQ8tvchAhSy28xtqLwAcc.png
framerusercontent.com/images/ Frame 8171 9 KB
10 KB 83ms
75ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/aFXvQ8tvchAhSy28xtqLwAcc.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dc36791a319faca1216172316a62bec25a815789c703e22ca883a6754d60b69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: d3c0b3f9-51c2-442f-8e18-fa888d4c166f
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="VTWMKG86KsWUI7Sw6sBLRbwy52I5dJ0urnafppb6P4YQIYkRLkyVbw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-3a55b3a21e01caea5d57d28d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: VTWMKG86KsWUI7Sw6sBLRbwy52I5dJ0urnafppb6P4YQIYkRLkyVbw==

GET
H2 200 Fi5WiSlR8pQgUTvWiBx9llcchmY.png
framerusercontent.com/images/ Frame 8171 2 KB
3 KB 88ms
81ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Fi5WiSlR8pQgUTvWiBx9llcchmY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8c1a0ce4d216e8ebccf87693a96b6cddf4f7d72cdfe4d87c1dea22e9b5591e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 38306c3b-1cc1-4d11-bdfe-f7e4591a8eab
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="ANNaUKeGYt2E0Elr7ECHgmypDhc_OCnrenOvWACeXkeCjWo1-QS_Wg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-526d969e22cb279224fafd03;parent=34734ef8c377a80b;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ANNaUKeGYt2E0Elr7ECHgmypDhc_OCnrenOvWACeXkeCjWo1-QS_Wg==

GET
H2 200 Ax6NHsTfN0grr4AHyWTy2Sz2RI.png
framerusercontent.com/images/ Frame 8171 9 KB
10 KB 88ms
81ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Ax6NHsTfN0grr4AHyWTy2Sz2RI.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b5701c4d14b0fc7c3b9376cb94170a68ec73407bd51f1fe168430e37fec2b32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 3e6905e1-af53-4cd5-a73a-766e60fce23e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Vf1Y4KukNRArbkkq9W4mI95DVnGzKh4HUfH1QeReRHYg1LiOajV_lg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-43e8761e72276c392c206454;parent=5ef6032e39bfdbfd;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Vf1Y4KukNRArbkkq9W4mI95DVnGzKh4HUfH1QeReRHYg1LiOajV_lg==

GET
H2 200 8WJAm6JhDhA9oa7JjDgElrhOiQ.png
framerusercontent.com/images/ Frame 8171 10 KB
10 KB 83ms
76ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/8WJAm6JhDhA9oa7JjDgElrhOiQ.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a3c77088d19884e2cb7401a2e9972e357ebb263d905e098014220aeed999815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388809
x-amzn-requestid: 5cf4f05e-68c7-4c04-bb92-72a6d5f0441c
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="fBjxnE97bn7ccWJh3JAYHf8ERquaUjkRzTy1dLxBKAz4W7bq3ndp1Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-5014c2ca11b926b03e287a93;parent=4d7a1a7c792d3cf1;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fBjxnE97bn7ccWJh3JAYHf8ERquaUjkRzTy1dLxBKAz4W7bq3ndp1Q==

GET
H2 200 o5yryGY3RMxXyiyQyqeuPPxOz60.png
framerusercontent.com/images/ Frame 8171 12 KB
13 KB 88ms
81ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/o5yryGY3RMxXyiyQyqeuPPxOz60.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a80765e705635ab8f3f4ca137d925f2958a21147effb88c80e3b9e300ff9129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 46637bc1-f1c0-4eff-b80e-a01d1c83c945
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Qt9YSS6BJlGr4ajq-KsxD0OgR3ZQlkxRRtDbNaceguBLrqquZWzIVQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-51cb383a23a022e62f06d847;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Qt9YSS6BJlGr4ajq-KsxD0OgR3ZQlkxRRtDbNaceguBLrqquZWzIVQ==

GET
H2 200 9ak0DxXbaVM1VoMTeIMa99JiKI.png
framerusercontent.com/images/ Frame 8171 13 KB
14 KB 88ms
81ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/9ak0DxXbaVM1VoMTeIMa99JiKI.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cb5af3540ca60d5b611ff32706a636ed017b8b94ff154cec81b1a6144def5b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: e49d56ed-c89a-4122-9542-dae82d2ce91a
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="OJW6vyov1m08F1WyHuQ_Ci1O19UvRTx-OXA3dvaXcPMRnJ8dpvL_jg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-496ea6cd7b9df6fc35f1ae5a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OJW6vyov1m08F1WyHuQ_Ci1O19UvRTx-OXA3dvaXcPMRnJ8dpvL_jg==

GET
H2 200 hnIi4P7pdlJAXqbv27Bue7JEr2k.png
framerusercontent.com/images/ Frame 8171 4 KB
5 KB 87ms
80ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/hnIi4P7pdlJAXqbv27Bue7JEr2k.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9a5fac4171ae0fa4e6253a625c99f72b75949f1ebde08b51108f26923d51be43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 387e7d12-7391-4a3d-9de5-6dc02dcecac0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="zzl8gpa_tE4K34GZjX98cny0YvSWm0wWtcnQ1etY0dGTyGalHhfehA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-093bda40237ba4fd282d5175;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zzl8gpa_tE4K34GZjX98cny0YvSWm0wWtcnQ1etY0dGTyGalHhfehA==

GET
H2 200 wlTHpTUu4ykBMBG21EX0CERes.png
framerusercontent.com/images/ Frame 8171 11 KB
12 KB 88ms
81ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wlTHpTUu4ykBMBG21EX0CERes.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5733d9bc8e680afc43dd30cafe37543fd63da220a1472c63c126a43896d29247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: 740e1468-d462-4477-a353-e374bc3e36e0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="MY9YGijTGzRzKIVxIaef8rgmshQ-U8W6EXAm12DibUqdvoA8npqXGg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-744060b15d09108e4111b709;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MY9YGijTGzRzKIVxIaef8rgmshQ-U8W6EXAm12DibUqdvoA8npqXGg==

GET
H2 200 pMOoQGEce2gdLvB4HZNfsf4sY.png
framerusercontent.com/images/ Frame 8171 10 KB
11 KB 87ms
80ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/pMOoQGEce2gdLvB4HZNfsf4sY.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

770c4939f53c96cccac5b0e25ed133940e3d731cfd7c6567e3415e4fa6f66002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: 112cbf87-6183-4300-bd3b-e9d5a6080319
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="RCy9QsoA0iG349twLGOXoD07I1-MoWtdZHsh5Cy9dI41QlKkmn92FQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-257e295850b9ea1d6b049c28;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: RCy9QsoA0iG349twLGOXoD07I1-MoWtdZHsh5Cy9dI41QlKkmn92FQ==

GET
H2 200 GqxnFscgQXWBc0FTLQUcBVmIfV8.png
framerusercontent.com/images/ Frame 8171 12 KB
13 KB 137ms
130ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/GqxnFscgQXWBc0FTLQUcBVmIfV8.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1462a6870c6180f472f6a9740ab8e38dee1bc0c467871e1e32e433806320b4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: 4eeffb6a-23dc-4897-bf51-367a8f3f6fbf
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="_-xlQ5njpRvnPGTOxPRBHqhwpL9DXth7OZAC3-6KXEgM0MXAp6JUxA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-1f4926595178469236cb7a7a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _-xlQ5njpRvnPGTOxPRBHqhwpL9DXth7OZAC3-6KXEgM0MXAp6JUxA==

GET
H2 200 eODr1NJCd9NMOsg3WpToY6znD0.png
framerusercontent.com/images/ Frame 8171 15 KB
16 KB 138ms
131ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/eODr1NJCd9NMOsg3WpToY6znD0.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9164300fd0eeac414cbba5c13af67cecac3685ffc4fa1f18e582056d46490487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: 26e63173-cda4-4116-b7f9-6b3df5b70d29
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="7UiGmLuyNSO9zqh9DVaFdn7JSOxtMAfv0zNdffGncpSdpA72O4aIAQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-787743b1177b9d017868a88e;parent=382592e15e444519;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7UiGmLuyNSO9zqh9DVaFdn7JSOxtMAfv0zNdffGncpSdpA72O4aIAQ==

GET
H2 200 yhcjbBUdWKuI5ee25BmmDwVlQ.png
framerusercontent.com/images/ Frame 8171 3 KB
4 KB 141ms
134ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/yhcjbBUdWKuI5ee25BmmDwVlQ.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a05264144271a335fb2ba344835479c8b97cca952f010b9cb8c2d3917abfa50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:25:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1391748
x-amzn-requestid: 880339d6-3db5-4cff-922c-9d784925e18a
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="NDKGuI1PHb9Xl6DWwFtWd4ycuMbQxYYfcR_YT4kLSkt25agWNN64cQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad46-14e9b9a6208a1250783bd69a;parent=3ee3c348b457ba85;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: NDKGuI1PHb9Xl6DWwFtWd4ycuMbQxYYfcR_YT4kLSkt25agWNN64cQ==

GET
H2 200 uMy6gIwSwWrVGDsXDGVWHHKzYEE.png
framerusercontent.com/images/ Frame 8171 3 KB
4 KB 142ms
135ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/uMy6gIwSwWrVGDsXDGVWHHKzYEE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

45c345166436583f0abd394d710d9eeaa329108cdd1a3f09556192d38227cf54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1391743
x-amzn-requestid: 614a176e-58c0-4338-a7f0-8da006b9677e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="8sQkjOR3q6oA7dLrU1xPXdgRH-x6AupP_TXxFJP7--fTlzJWR8iXwQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-01d684fc19c54c0573d4a145;parent=592f8614859ed3a8;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8sQkjOR3q6oA7dLrU1xPXdgRH-x6AupP_TXxFJP7--fTlzJWR8iXwQ==

GET
H2 200 NRqZdfp0sRwRZ2mBC3XB3MGG4.png
framerusercontent.com/images/ Frame 8171 2 KB
3 KB 143ms
136ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NRqZdfp0sRwRZ2mBC3XB3MGG4.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7fcb5ce28fc78270827a658038cdbd41ccfd7046c1e2a5722c745f6a41fbcb56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1391743
x-amzn-requestid: a72a37c2-8d1f-4b7c-a9c6-36928c59ecf1
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="N0buS93e-5inq-o2eocJSaWir7x-wUccgWFs653Y6_T1JNMnj29ldw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-14fb96f06813c3ab16d39a6a;parent=0473473adef448a2;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: N0buS93e-5inq-o2eocJSaWir7x-wUccgWFs653Y6_T1JNMnj29ldw==

GET
H2 200 c8bJ9cJNZu0SSI90azRcdddA.png
framerusercontent.com/images/ Frame 8171 3 KB
4 KB 160ms
154ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/c8bJ9cJNZu0SSI90azRcdddA.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d5d57d912d1e17d9db264a07b64a6a3ed4265303e1d73c542ec3cc2d1ef672c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1391743
x-amzn-requestid: f067016b-8a63-4afe-b438-64a09037f935
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="wTKueH7yiknujzmpWGdYZib4joRIsqKksh0ELJnn7uXjyE63g4aOXQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-081a6b1244d6a917705fe4fb;parent=1f92f6a054dbf007;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wTKueH7yiknujzmpWGdYZib4joRIsqKksh0ELJnn7uXjyE63g4aOXQ==

GET
H2 200 PJj4RY5yFu6gqPz485dMfCclbxQ.png
framerusercontent.com/images/ Frame 8171 16 KB
17 KB 160ms
154ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PJj4RY5yFu6gqPz485dMfCclbxQ.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cc05f6874071cc404007806efb2cfedefe4b82aca5469dfaf9c5cc3720d91347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1391661
x-amzn-requestid: 55909a7d-6c51-45ee-abca-67c8443054bc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="e49cAKBN0xeYw3N73Eh9NYNqxBlx1a-tFScKXVxkJ8NH5-3u8ao5Kw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad9c-782eb4a7627511237e817f9f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: e49cAKBN0xeYw3N73Eh9NYNqxBlx1a-tFScKXVxkJ8NH5-3u8ao5Kw==

GET
H2 200 gMGCZacBG9NmOgMr0vAlUWzMM.png
framerusercontent.com/images/ Frame 8171 2 KB
3 KB 161ms
155ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/gMGCZacBG9NmOgMr0vAlUWzMM.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6c7105dd948f39cf942552d784adc2784ae2ab999863706fd3f79ec370906ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1391743
x-amzn-requestid: 955649e1-5ec9-4dac-a9a5-59b23b6abde1
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="xkc0OTaDLryFwTMMTtkxgE46mYrsx8wY3C8tpT7M0z0geynQEwD0Jg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-639593ed4cbcf0391b54d492;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xkc0OTaDLryFwTMMTtkxgE46mYrsx8wY3C8tpT7M0z0geynQEwD0Jg==

OPTIONS
H2 200 view
mgln.ai/ Frame 0
0 114ms
70ms Preflight 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgln.ai/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 87702cd12f0c2bbc-FRA
content-length: 0
date: Fri, 19 Apr 2024 22:01:46 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D
server: cloudflare
via: 1.1 vegur

POST
H2 204 view Show response
mgln.ai/ 0
111 B 64ms
63ms XHR
text/plain 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/view

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D
x-request-id: 2eca646c-af61-4bb3-bc56-4371f60825e5
x-runtime: 0.002604
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 87702cd19e510487-FRA

POST
H2 204 view Show response
mgln.ai/ 0
88 B 57ms
57ms XHR
text/plain 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/view

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D
x-request-id: 594a0023-eb7f-4c7f-9e52-89fd8cac0eb7
x-runtime: 0.003227
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 87702cd1ee880487-FRA

GET
H2

200

pixel
eu.mgln.ai/
Redirect Chain

https://mgln.ai/pixel/sync.gif
https://pixel.tapad.com/idsync/ex/receive?partner_id=3365&partner_device_id=eb1cb1bf-3330-4678-9c26-a385090847ba&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3365&partner_device_id=eb1cb1bf-3330-4678-9c26-a385090847ba&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D
https://eu.mgln.ai/pixel?tapad_id=f4da7ee7-70ed-4c84-b3fe-3681d7f96a34

43 B
305 B

121ms
110ms

Image
image/gif

2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.mgln.ai/pixel?tapad_id=f4da7ee7-70ed-4c84-b3fe-3681d7f96a34

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-transfer-encoding: binary
content-disposition: inline; filename="magellan_pixel.gif"; filename*=UTF-8''magellan_pixel.gif
content-length: 43
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D
x-request-id: 82d4bbc6-7a3e-4e20-8fb3-805e45a28b4d
x-runtime: 0.002482
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a065920df8cc4016d67c3a464be90099"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D"}]}
content-type: image/gif
vary: Origin
cache-control: max-age=0, private, must-revalidate
cf-ray: 87702cd28efc0487-FRA

Redirect headers

date: Fri, 19 Apr 2024 22:01:46 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://eu.mgln.ai/pixel?tapad_id=f4da7ee7-70ed-4c84-b3fe-3681d7f96a34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 view
mgln.ai/ Frame 0
0 160ms
116ms Preflight 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgln.ai/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 87702cd12f0f2bbc-FRA
content-length: 0
date: Fri, 19 Apr 2024 22:01:46 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713564106&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6D4FEMidv69NtEASc%2BlNuDA5gr6%2FlyYnxhDrOlXH%2Fao%3D
server: cloudflare
via: 1.1 vegur

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame FF56 0
0 121ms
67ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly93d3cuYmlsdHJld2FyZHMuY29tOjQ0Mw..&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=4ailwmri8iej

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--IcDBJhR1NysCjljYcymfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--IcDBJhR1NysCjljYcymfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Apr 2024 22:01:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cm.css
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 15 KB
4 KB 53ms
53ms Stylesheet
text/css 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fe8d60c96300f39cef881c83445907bb7a1d0f00b71ffaf38916bc08f99585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8668
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"58539a2b908f4e73e04d4f950b1b35a3"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 87702cd138c1a5f6-FRA
expires: Fri, 19 Apr 2024 22:02:46 GMT

GET
DATA 200
OK truncated
/ Frame 8171 729 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da70c773cd3a8d489bad7c03fb89b63053843aa52c0545749df089a08e64f78f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2086fef391221a13d759836370ef5bae70c15e1389eb6504dc3a31c987e0a88

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db9c28d70f03728ad94c11d34cea446ed992aaa6167344d3eb362379f7fdaaf0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 777 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff54e9b2209db7e90df95ee8523a1176d4c14d06b413cc817dfbbda6d64a03e1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a61375e44fd14535935364ba62f844371eb9fb77ad0e4437720086719fa0da7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 319 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d9df2764c7d56ded13faf14e7235e19ae3232be0f54e8ddd60ed76e6339f3af

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52ea1136d79c3a7ebe4f345fdec565e4bac855aeb6ae4dafb54b7b7f29edb881

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 743 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e12cb695307b2703bce81c01aaeaf24cf0aa0602c8307458ea4f117719fb6ac

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188768601044fa9d36f7e8318b53e650a64fb03b28c2b04eb8b99facdadce63e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa7e514331c85e2bff2ab629fc901146eaec70a8fbfd84ee6dc9242dbb9d0030

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 645 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8dee9ad499fb9b623de94c004b284d5529c842c2822340d4ad2f2f8f44968c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 PeV1BiYkQUoBq9a4xHPOFZaIKs~OYvKke6pEo6tZJDWeo6LVWQ-3rkTs09Fc-ShUEf3Zww.ttf
framerusercontent.com/modules/assets/ Frame 8171 104 KB
48 KB 24ms
24ms Font
font/ttf 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/assets/PeV1BiYkQUoBq9a4xHPOFZaIKs~OYvKke6pEo6tZJDWeo6LVWQ-3rkTs09Fc-ShUEf3Zww.ttf

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9e16d83a2c1724e2cbfd819c46e35e26b7911de8678342fc0d6a00e277764306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 08:34:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2554019
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="ssFGqkmYsdiBgEmcMC1rROcK1UmT9XtYi9wauu9spuTgvqJbWLbJTg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: deny
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: ssFGqkmYsdiBgEmcMC1rROcK1UmT9XtYi9wauu9spuTgvqJbWLbJTg==

GET
H2 404 bilt-platform-terms-of-use
www.biltrewards.com/terms/ 29 B
0 419ms
418ms Fetch
text/html 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/terms/bilt-platform-terms-of-use?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
date: Fri, 19 Apr 2024 22:01:46 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
x-imgix-id: e135dedddc331ba2956318610b8ae6bff1a7f0a9
x-status: MISS
content-length: 29
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10026-SJC, cache-fra-eddf8230058-FRA
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::pq4xx-1713564106506-44f7eb301465
vary: Accept-Encoding
content-type: text/html,text/html
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
cf-ray: 87702cd1c8eb65b5-FRA
timing-allow-origin: *

GET
H3 200 default_script0.E7H7JWSA.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 8171 2 KB
2 KB 22ms
22ms Script
text/javascript 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/default_script0.E7H7JWSA.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d3f5959fff3e61a5601ec4be106ee10515443a2ee8bdef22138d69836080d896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 19:15:12 GMT
x-amz-version-id: IV9ksZaGfwqf0mLVFH9cNYP8FZ7E2vnI
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 269194
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="vFh-G6jE6keV5rz3hi4A0F8BI3D_KCheSSkIVnBnyEzlZqbAowwEVw==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Apr 2024 19:09:30 GMT
server: CloudFront
etag: W/"6741b6590eaf6fb0d2f42b90943e4b2a"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: vFh-G6jE6keV5rz3hi4A0F8BI3D_KCheSSkIVnBnyEzlZqbAowwEVw==

GET
H2 200 widget.js Show response
cdn.userway.org/ Frame 8171 2 KB
0 0ms
0ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 42abaeedae71c9c420fccb74b34dc055920e0bbac9110aae0dee4e8422b5719f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 781
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 56
x-accel-date: 1713564050
x-77-nzt: EgwBw7WqEQH3OAAAAAwBnJIhJwH33gQAAA
x-accel-expires: @1713567650
x-77-age: 1302
last-modified: Thu, 18 Apr 2024 13:46:02 GMT
server: CDN77-Turbo
etag: W/"2941b5e65272ecad24d4e43ef5e53daf"
x-77-nzt-ray: 4c1562246b5a43d3cae92266552f730b
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: s27Z04QGFujtxpt5cK2aosQpLpYhTiXxpko78uiMJWUIfsOtrbK4sw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 78ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QLSYZKSM0E&gtm=45je44h0v874427215z8863411406za200&_p=1713564106029&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=434469178.1713564107&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713564106&sct=1&seg=0&dl=https%3A%2F%2Fwww.biltrewards.com%2F&dt=Bilt%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1232
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLSYZKSM0E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 22:01:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.biltrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET t2_7lmxmkme_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 0
0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 152ms
40ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1713564106583&id=t2_7lmxmkme&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=78c7d385-b509-48bb-8e85-39631b79bd84&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_c9439d84&dpm=&dpcc=&dprc=
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 en.json Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/ 8 KB
2 KB 43ms
43ms Fetch
application/json 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/en.json

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f451ccd1b82076cdf339b4c512eb3363a898c580776fe8e2a4242ffea352b4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"deeec53da2118f7d45f432e74ecef857"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 87702cd23a4d3603-FRA
expires: Fri, 19 Apr 2024 22:02:46 GMT

GET
H3 200 webpack-d5db23ac6cae3a9a.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 4 KB
2 KB 34ms
33ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/webpack-d5db23ac6cae3a9a.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

7007e6e756437d5ac0a2a1fda6bb03e50fe2f5c45c7185b4382286514ee211a2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="webpack-d5db23ac6cae3a9a.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::kvtsw-1713564106608-893b8e16e13d
x-matched-path: /_next/static/chunks/webpack-d5db23ac6cae3a9a.js
etag: W/"ba32c752e8f3c366c2a38286a67af736"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 0a08d48a-4dbd3104a60c9a9c.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 168 KB
54 KB 35ms
35ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/0a08d48a-4dbd3104a60c9a9c.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

0d77c0ca71f84e8e1b82911c1c6e7ba7b5c192b1ce10bce9a8db97e08139e688

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="0a08d48a-4dbd3104a60c9a9c.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::lj8zk-1713564106608-17a2bcd71beb
x-matched-path: /_next/static/chunks/0a08d48a-4dbd3104a60c9a9c.js
etag: W/"02995431b62df8b1c8b38a1e08ba3f2e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 848-1c0ffa932b6a87ca.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 221 KB
66 KB 37ms
37ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/848-1c0ffa932b6a87ca.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

11789bdc1bbe1895cd257b24c2ddfb733dee573cc760e787be89a5c74b1e2c0f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="848-1c0ffa932b6a87ca.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::2zprc-1713564106663-a8316e476553
x-matched-path: /_next/static/chunks/848-1c0ffa932b6a87ca.js
etag: W/"7585782eb406a39a82c89518af79d66b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 main-app-52094930a292cf75.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 4 KB
2 KB 55ms
54ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/main-app-52094930a292cf75.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

26a53b5f76befd425bf91c46e7be00e0c0eb13108c875a614c12268c379a0717

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="main-app-52094930a292cf75.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::x7vkg-1713564106664-9daa27fced8d
x-matched-path: /_next/static/chunks/main-app-52094930a292cf75.js
etag: W/"953f66602781cc683f9b32f5f2795834"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 page-afb1373beadc9b14.js Show response
id.biltrewards.com/_next/static/chunks/app/login/iframe/userdata/ Frame A76D 684 B
713 B 56ms
55ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/app/login/iframe/userdata/page-afb1373beadc9b14.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

dca4c4f2336af8161192338e15741e994f1fe914e0ce3fd09fa5d55f0cbd349a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
date: Fri, 19 Apr 2024 22:01:46 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 google
age: 8376
content-disposition: inline; filename="page-afb1373beadc9b14.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 684
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::8mr6f-1713564106664-cbb0962c76d3
x-matched-path: /_next/static/chunks/app/login/iframe/userdata/page-afb1373beadc9b14.js
etag: "6ea3efd8c16f51b425a8d9f61b2d2b5d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H3 200 d7bc610a-afe0a60a440bae86.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 117 KB
38 KB 51ms
50ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/d7bc610a-afe0a60a440bae86.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

55b96d22be7287ae9a59a926d4a53e36ad0b16a56d045864ef0df9e951e615dd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="d7bc610a-afe0a60a440bae86.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::w4jj4-1713564106663-75a2d3df0401
x-matched-path: /_next/static/chunks/d7bc610a-afe0a60a440bae86.js
etag: W/"9369ddf33ec1aa76879f67242a36105d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 920f9719-b6306853ec5fcb52.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 80 KB
21 KB 62ms
61ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/920f9719-b6306853ec5fcb52.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

bcf6db8e2b32f2b799eea191434b4090cbb642ee936fd8c169ac7979d69b7b51

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="920f9719-b6306853ec5fcb52.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::5bvgg-1713564106665-cc1ba2c7b695
x-matched-path: /_next/static/chunks/920f9719-b6306853ec5fcb52.js
etag: W/"8c5cb699c5140564e032053d653282cf"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 807-6df6b607d20be04f.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 402 KB
132 KB 60ms
59ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/807-6df6b607d20be04f.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

e0748f4f1e5cec9f9c80724e3fce7cb0a57c2052c0134a7bd9abea536f22b9e6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="807-6df6b607d20be04f.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::rbqpg-1713564106664-ea9d1098abc9
x-matched-path: /_next/static/chunks/807-6df6b607d20be04f.js
etag: W/"9708c57dab9a6f3e62464ca8a4db1db6"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 215-3a13f406bf6c9031.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 39 KB
15 KB 69ms
68ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/215-3a13f406bf6c9031.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

52303cc41d5f6008d97ac080d2cc35f0315da0775738bb39b4fc7d4eb2be0680

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="215-3a13f406bf6c9031.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::lxv6z-1713564106668-6c0c764f7f40
x-matched-path: /_next/static/chunks/215-3a13f406bf6c9031.js
etag: W/"2448afc5a047a93b77bfa4c6740575cb"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 635-42b7e88510ef69b1.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 22 KB
8 KB 42ms
41ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/635-42b7e88510ef69b1.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

9933927f03acaa455df599b6214c211e76adcdd341c8126e3677081398db7ded

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="635-42b7e88510ef69b1.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::5cqdh-1713564106663-3b1242e4d2b4
x-matched-path: /_next/static/chunks/635-42b7e88510ef69b1.js
etag: W/"6c79774df8a5ab88b1057e798b685e7f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 923-58e588eeb0716552.js Show response
id.biltrewards.com/_next/static/chunks/ Frame A76D 295 KB
94 KB 29ms
29ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/923-58e588eeb0716552.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

b9baff621b840f7ac684144508e361f4e9bc2a820658dda0d8a18d3641d487b9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="923-58e588eeb0716552.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::ppgsj-1713564106658-d108ee12ae1c
x-matched-path: /_next/static/chunks/923-58e588eeb0716552.js
etag: W/"0983c78de5e3390c551e0e31f57e023c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 layout-60e0ec3d4cbf62d3.js Show response
id.biltrewards.com/_next/static/chunks/app/ Frame A76D 59 KB
15 KB 48ms
47ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/app/layout-60e0ec3d4cbf62d3.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

0f4d780a7b8262e5f10f7b278e74631965503d0650bfa996c2e2259ec00c7dce

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 8376
content-disposition: inline; filename="layout-60e0ec3d4cbf62d3.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::thj54-1713564106663-30f4a3d1c067
x-matched-path: /_next/static/chunks/app/layout-60e0ec3d4cbf62d3.js
etag: W/"4e05a7ab6551803ad5a37f3297a05d65"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 agent.js Show response
cdn.deviceinf.com/js/v4/ Frame A76D 310 KB
0 1ms
1ms Script
application/javascript 2606:4700:3031::ac43:8881
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.deviceinf.com/js/v4/agent.js
Requested by: Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8881 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:45 GMT
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
age: 2030
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
server: cloudflare
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b202ymGFMZPSNkr1A0bQ3U2wNw2ykAeDAhIe7lPGx1EG1aUfPX1Um0D%2BPnn6SFZ6zFHkhMqdpQZrRBlXKDoiS%2BSn1Jet4ePFih4RshlQYxdSfqb6IuVRK4ZnLuhwq8WPgf1%2FUvI9UpNXhGJSAcLMnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87702ccdbf5a5cb0-FRA
x-amz-cf-id: UgFkK98pA2VZSRAlvg4oQ3JjoVNo2JUjxXGEdXAJrCPhWxVcFpdL7w==

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ Frame A76D 1 KB
0 2ms
2ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f006d5392d9ceb2b14d64b27507c2c5129397b4a29bfebc9e2282c9257a6bfbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 19 Apr 2024 22:01:45 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ Frame A76D 105 KB
280 B 38ms
35ms Script
text/javascript 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193f70e3ef4fb576a502cd67546306e9ec798eb04db2cbb8f42e19b719f75fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 454
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"f40739130aa0cc889c7fc63c2ffe78ae"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 87702cd24a47a5f6-FRA
expires: Fri, 19 Apr 2024 22:02:46 GMT

POST
H2 200 TlbN1PqpZB Show response
api.userway.org/api/tunings/ 3 KB
3 KB 578ms
178ms XHR
application/json 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/TlbN1PqpZB
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6036b32be1c4ece847cdd81a651fea9082d4a27d05b279f1333e45087aa4f2dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
etag: W/"ad9-UImWiV7nj9N0vEuWutkNHSwitv0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrbd4588931c5f41b
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2777
x-service-version: uw-pr

PUT error
conversions-config.reddit.com/v1/pixel/ 0
0

POST
H3 202 page Show response
id.biltrewards.com/fsrelay/rec/ 87 B
109 B 153ms
153ms XHR
text/plain 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/fsrelay/rec/page

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Resource Hash

14196431302464b67035d3be26eb7dfb3b18e4d638a369d5ed6b4d4ebb4177b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.biltrewards.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87

GET
H2 200 main.MTIyYzc3NzllMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 431 KB
114 KB 25ms
24ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G398RC77U9N0P9KPM0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1c53c052
date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202404190410088E00BF63830C7BA728C8
x-tt-trace-id: 00-2404190410088E00BF63830C7BA728C8-0E91932628B856AE-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0148ea8f6469076c148a25409a9f9e4ae9b245c035b8fb8535ab414287ba0c22d193a38e7cf122606f7ec813b4f481a18a1121898862eef058e5e27c8a281a09203a903010a85a197f085ac3f7e2062958d427fa5f02fac0675e453cc7efb9c1bd
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 116133

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 113ms
113ms Stylesheet
text/css 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b6da825ef8edbaa3e6977d8c7e22183bb77b1224071ccbaf82cfa1077273bcb5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 19 Apr 2024 22:01:46 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 152ms
110ms Fetch
image/jpeg 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 19 Apr 2024 22:01:46 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 widget_app_base_1713447826466.js Show response
cdn.userway.org/widgetapp/2024-04-18-13-43-46/ Frame 8171 152 KB
0 0ms
0ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/widget_app_base_1713447826466.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3421661732cef957fe1c4ceeec168e5bba75f034d4977c564443c9e85a96caff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:46 GMT
via: 1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 944
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114042
x-accel-date: 1713450064
x-77-nzt: EgwBw7WqEQH3er0BAAwBJRPCLgH3OgQAAA
x-accel-expires: @1739368982
x-77-age: 115124
last-modified: Thu, 18 Apr 2024 13:45:56 GMT
server: CDN77-Turbo
etag: W/"b8ff832ad352b5636d397b2df764702f"
x-77-nzt-ray: 4c156224336ea7d4cae922666716a511
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: W2rnq7mGcMG5FJjdqvCVCR3Osz421S67oktl9XIF38OeiJPnmDfS5Q==

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 330ms
293ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
x-amz-apigw-id: Wfl3xFwJIAMES0g=
x-amz-cf-id: wy03SCtLbfxWbvmhkmo4yPsXbanjZxVuH2OjnugydL_vNscBMybtlA==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 3644e963-d510-4172-b280-c33bee3523d5
x-cache: Miss from cloudfront

POST
H2 200 anonymous
events.framer.com/ Frame 8171 0
0 198ms
198ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6622e9cb-031ca6910ea84067271b603e;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: 794a27ed-94b8-4aaf-9cd6-98724bdfd1e5
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: Wfl3yFWSIAMEfkw=
content-length: 0
x-amz-cf-id: SueGd-hsq8o4O5BWs4uhE76TvMRYI1jdDO4tmXp4UiVNST8wsMVTPg==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/ 3 KB
2 KB 58ms
19ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/settings
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8998554ffd85437ff7bfae81b2e94983f09986380d574117bb234ba6240f7bee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 0J8FdXNAYV1z6ofZJjahVic3IXJOIsUZ
content-encoding: br
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
date: Fri, 19 Apr 2024 19:59:42 GMT
x-amz-cf-pop: FRA6-C1
age: 7483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 Apr 2024 17:43:55 GMT
server: AmazonS3
etag: W/"9c420e2783cc9b135277d88d374c741a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: PqLlQehGL_5LwIJFlBvh1xjc0ZQ3Qh0NQYBY0K2O6BGPly-p16Bsjw==

GET
H2 200 fs.js Show response
id.biltrewards.com/fsedge/s/ Frame A76D 263 KB
0 0ms
0ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/fsedge/s/fs.js
Requested by: Host: id.biltrewards.com
URL: https://id.biltrewards.com/_next/static/chunks/848-1c0ffa932b6a87ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ed3b2365a716dc5d7564db9d5628d6f303a27dcf6a259b48f287a135dbb8943b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Origin: https://id.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 21:24:29 GMT
content-encoding: br
via: 1.1 google
age: 2237
x-guploader-uploadid: ABPtcPrN4v2X9uCDJq5vNrXjannBAinK1ZS9LSQnx17R0732wKvtWq1B7kwDxB4SY7_whOVcoxo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73052
last-modified: Mon, 15 Apr 2024 13:22:46 GMT
server: UploadServer
etag: "380d8a7f0c6efde29aadfbaeffde8d5a"
vary: Accept-Encoding
x-goog-generation: 1713187366176458
x-goog-hash: crc32c=VjwVaQ==, md5=OA2Kfwxu/eKarfuu/96NWg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 73052
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 19 Apr 2024 22:24:29 GMT

POST
H2 200 / Show response
o441793.ingest.sentry.io/api/4505110879076352/envelope/ Frame A76D 2 B
56 B 23ms
23ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o441793.ingest.sentry.io/api/4505110879076352/envelope/?sentry_key=1bc00c0ad527487bb7700e3836d413e1&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.99.0

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Apr 2024 22:01:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1713564106784&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOj...

0
0

POST
H2 200 TlbN1PqpZB Show response
api.userway.org/api/tunings/ Frame 8171 63 B
446 B 377ms
187ms XHR
application/json 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/TlbN1PqpZB
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/widget_app_base_1713447826466.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0ca8160a692d2ede5ba928e6b91500ca2e3b41bce9f4da9ac974b7df22f03cfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
etag: W/"3f-PV0A++2rqOc4r1el3VJc1nugD2g"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrd064346dc4d3424
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 63
x-service-version: uw-pr

GET
H2 200 identify_c26a2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 22ms
22ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c26a2.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1c53c2f2
date: Fri, 19 Apr 2024 22:01:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202404190410088E00BF63830C7BA728D9
x-tt-trace-id: 00-2404190410088E00BF63830C7BA728D9-0E91932628B859BE-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0148ea8f6469076c148a25409a9f9e4ae9b245c035b8fb8535ab414287ba0c22d193a38e7cf122606f7ec813b4f481a18a1121898862eef058e5e27c8a281a09203a903010a85a197f085ac3f7e20629585931eb661dd27e912e1461d79547a42d
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37305

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
703 B 168ms
168ms Ping
text/plain 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c53c38b
date: Fri, 19 Apr 2024 22:01:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240419220146A4B84744329DDFFDCBCB-669F3C562CB09A10-00
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=32, cdn-cache; desc=MISS, edge; dur=25, origin; dur=121
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240419220146A4B84744329DDFFDCBCB
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 122,104.126.37.143
x-tt-trace-host: 0104c902ee5e7ef4b00cd2382972ed8e6c7e140cfc35c76174c0f3362da818480421e5d2c89de694694b3c4bc0dc5970312acbbbbf93c341b301eaa592787a05fac5777e3448de8e5a3664449038d460892e03a1f20e6b56a131bf88f0868a5b94
access-control-allow-headers: Authorization,*
expires: Fri, 19 Apr 2024 22:01:47 GMT

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 20ms
19ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 15:05:40 GMT
x-amz-version-id: 1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 370568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Apr 2024 21:39:45 GMT
server: AmazonS3
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: TS1ocNzTg8Hh6VPCB_KQjP0Gx-idlW0zEWGtQ2exuYYM7u4iglmPRg==

GET
H2 200 nid-pixel520.js Show response
scripts.neuro-id.com/c/ Frame A76D 1 KB
1 KB 82ms
20ms Script
application/json 2600:9000:275b:4200:19:2755:1280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.neuro-id.com/c/nid-pixel520.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:4200:19:2755:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eab31c37c23a2d8019ce1e5a29c64678c6c8a559b139127982bc961ad6eff3e0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: tBZ.pUL6utNTjDkDz7I4ReLBDF9FO8fo
content-encoding: gzip
via: 1.1 c0db8c417b5a375429fc7f3c54841604.cloudfront.net (CloudFront)
date: Fri, 19 Apr 2024 22:00:31 GMT
x-amz-cf-pop: FRA60-P7
age: 88
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 692
last-modified: Wed, 17 Apr 2024 18:28:50 GMT
server: AmazonS3
etag: "29efd118c67c9f944df3267b7682affb"
content-type: application/json
cache-control: max-age=90
accept-ranges: bytes
x-amz-cf-id: ykSv-ChHvZQDUobBrZRI5W9hSPweP3OMxCFNWclvsE5rNkzKq-kIxQ==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ Frame A76D 501 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Origin: https://id.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 11:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Apr 2025 11:29:10 GMT

GET
H3 200 xdi.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ Frame A76D 26 KB
12 KB 229ms
229ms Script
text/javascript 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/xdi.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eff87b0205e1ebe55ca731239b15df7b48583b9015ce78cb50a886a97e8b1be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Origin: https://id.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"aa1a6c432a54ae84e0a582a0f4b77c78"
expect-ct: max-age=86400, enforce
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
cf-ray: 87702cd51cda3603-FRA

GET
H3 200 ui.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ Frame A76D 295 KB
281 B 38ms
38ms Script
text/javascript 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87a3392313500de980b01445d72f2f7e95bc0d26d5f938bb2f1a7ab569caf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Origin: https://id.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8669
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"2ff4fae52b8ac954d5874b92987806e9"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 87702cd51cdb3603-FRA
expires: Fri, 19 Apr 2024 22:02:47 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
313 B 113ms
112ms XHR
text/plain 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=CLz8BddIbHunRwx9J6JGIQ&is_js=true&landing_url=https%3A%2F%2Fwww.biltrewards.com%2F&t=Bilt%20Rewards&tip=lE1ApmEw_rajXZP5Dbe3B1iRjB3nRvOi-s06HSQmMOE&host=https%3A%2F%2Fwww.biltrewards.com&sa_conv_data_css_value=%270-0d225ab0-38c3-5916-4084-f9a3624ee162%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd90d225ab038c359164084f9a3624ee1625413afa5&sa-user-id-v3=s%253AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYEHwYBCDK04uxBjABOgS9M-cxQgRhK9tF.%252B0VUgGzVseUdHGdqcOkvtes3s%252BLp%252BlIGJyVUZLjLUFU&sa-user-id-v2=s%253ADSJasDjDWRZAhPmjYk7hYlQTr6U.zyttRg8NpCDizkD5YvdGsZCmHttaGsRpUYt2ZVwZfEs&sa-user-id=s%253A0-0d225ab0-38c3-5916-4084-f9a3624ee162.kEBNRL2TgNKTb9v7TBO8VzyKhvHmmTA9YAvlt1YtAN4
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d5781b6843de18ff323984b25323f02a17ccbd6d984ea170e8f0f290272031bb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Fri, 19 Apr 2024 22:01:47 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 116
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 20ms
20ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 13 Feb 2024 21:44:05 GMT
x-amz-version-id: GdbKd8UgUP5EXZpDaTRDFeJkJbyj8x6E
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5703463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Feb 2024 18:05:05 GMT
server: AmazonS3
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: __v6ygUVD38RqgSSX_SLBc9FqSoI3Xv8AK9kt4k_SfxYFr1fgOsl3Q==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 229ms
229ms Ping
text/plain 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2e35230b.1c53c6ca
date: Fri, 19 Apr 2024 22:01:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404192201478E5A4511122B0E12C0D4-4893E3F71F0B858F-00
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 197,104.126.37.143
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=113, inner; dur=109
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404192201478E5A4511122B0E12C0D4
x-cache-remote: TCP_MISS from a23-220-106-203.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,23.220.106.203
x-tt-trace-host: 0104c902ee5e7ef4b00cd2382972ed8e6cf38933c52c70bfa090ee57837f68d51829a23ffcef134f73dd4d8810dbda3edffc2df6b1b7948ad2db7875fc0e910d05d488d9742d11d1bcb102665981c9636e54f5333156aba7313a424495a08270987764c5304f95fb11fb6956e43adc77fe
access-control-allow-headers: Authorization,*
expires: Fri, 19 Apr 2024 22:01:47 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 708A 0
0 59ms
57ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly9pZC5iaWx0cmV3YXJkcy5jb206NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=tulfw3x6e643

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0EbbdCIAYxPVQBYm3YbG7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://id.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0EbbdCIAYxPVQBYm3YbG7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Apr 2024 22:01:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 nid-adv-5.2.3.js Show response
scripts.neuro-id.com/ Frame A76D 149 KB
46 KB 21ms
21ms Script
application/javascript 2600:9000:275b:4200:19:2755:1280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.neuro-id.com/nid-adv-5.2.3.js
Requested by: Host: scripts.neuro-id.com
URL: https://scripts.neuro-id.com/c/nid-pixel520.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:4200:19:2755:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdd0a28efd1cdc6028d4e954d1c35666a5e7c78bf5db3923d0460fe768ab30b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 14 Mar 2024 19:26:39 GMT
content-encoding: gzip
via: 1.1 c0db8c417b5a375429fc7f3c54841604.cloudfront.net (CloudFront)
x-amz-version-id: XOBpmHIAiOK1OJ5M2EKNCmmuC1JHx24R
x-amz-cf-pop: FRA60-P7
age: 3119709
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 47099
last-modified: Thu, 14 Mar 2024 14:24:16 GMT
server: AmazonS3
etag: "c32560cb2f169a1d79533904f00127ca"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: r6yjfPAZ3aZN9DvaptFu8d-E4aNonJBdDjAoKlOdzzKq8ntAwQGZqw==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 20ms
20ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 21:50:52 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-version-id: 73B4bUucoqQ.zop5Rb.39qMTDNo8ltid
x-amz-cf-pop: FRA6-C1
age: 1901456
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3273
last-modified: Fri, 08 Mar 2024 07:35:29 GMT
server: AmazonS3
etag: "4b03a476015c2ba9b9e74e895b97c12c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: N-dL5J2GtaZmmjjPrb79jmQBPuBuAwSPHDVpGwZN5UMKklwzUzZyWQ==

GET
H2 200 adwords.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/adwords/2.5.3/ 4 KB
2 KB 22ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/adwords/2.5.3/adwords.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 31 Jan 2024 23:59:28 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-version-id: .PFTD1mf4T6.cqCzCGDBaoXaZe77x4YA
x-amz-cf-pop: FRA6-C1
age: 6818540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1356
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "257fe81df53dcd4819bc1a81e78fce58"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 4L6OtbdmVehPj8jvzhQ6ZXINVp2y_ePMkFLk67_f_AblPNHbvX02dQ==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 22ms
22ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 31 Jan 2024 09:56:24 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-version-id: iBgkeROQ82ipYgPNwFnoDehQ.U3dPJg.
x-amz-cf-pop: FRA6-C1
age: 6869124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: C4yQb7bNrF3ZPutNLELW24Ewm1GGRRqVXHnh5xgr8cnZQQ4hBWE5Yw==

GET
H3 200 cm.css
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ Frame A76D 15 KB
281 B 37ms
37ms Stylesheet
text/css 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fe8d60c96300f39cef881c83445907bb7a1d0f00b71ffaf38916bc08f99585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8669
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"58539a2b908f4e73e04d4f950b1b35a3"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 87702cd59e54a5f6-FRA
expires: Fri, 19 Apr 2024 22:02:47 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
177 B 581ms
189ms Fetch
application/json 54.203.25.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-203-25-147.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Fri, 19 Apr 2024 22:01:47 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1713564106784&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMx...

0
0

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 22ms
22ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:56:48 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-version-id: HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop: FRA6-C1
age: 1422300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Fri, 08 Mar 2024 07:35:27 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: VdD3MahivSP5OfGC6_lk4vd6KJnyeEeVWsclY-D4FhHDyMCJHh1Ndw==

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-04-18-13-43-46/locales/ 621 B
1008 B 20ms
20ms XHR
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/locales/en-US.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 948
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114038
x-accel-date: 1713450069
x-77-nzt: EgwBw7WqEQH3dr0BAAwBisclwQH3OQQAAA
x-accel-expires: @1739368988
x-77-age: 115119
last-modified: Thu, 18 Apr 2024 13:45:55 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 4c156224336ea7d4cbe92266244b2a0c
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: jXumOcXIfFb_H1xQWUrqxSjxdzwjASBrnLe5WlxXPfr6W8n43Me9yA==

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-04-18-13-43-46/locales/ Frame 8171 621 B
0 12ms
12ms XHR
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/widget_app_base_1713447826466.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 948
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114038
x-accel-date: 1713450069
x-77-nzt: EgwBw7WqEQH3dr0BAAwBisclwQH3OQQAAA
x-accel-expires: @1739368988
x-77-age: 115119
last-modified: Thu, 18 Apr 2024 13:45:55 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 4c156224336ea7d4cbe92266244b2a0c
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: jXumOcXIfFb_H1xQWUrqxSjxdzwjASBrnLe5WlxXPfr6W8n43Me9yA==

GET
H2 200 bilt
decagon.ai/demo/ Frame 0826 0
0 186ms
145ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://decagon.ai/demo/bilt?defaultVisibility=hidden

Requested by

Host: decagon.ai
URL: https://decagon.ai/loaders/bilt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 Apr 2024 22:01:47 GMT
server: Vercel
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-matched-path: /demo/[slug]
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::pvshv-1713564107304-72c7aa6bd507

GET
H2 200 de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
sync-transcend-cdn.com/consent-manager/ Frame 916F 0
0 129ms
35ms Document
application/xhtml+xml 2606:4700::6812:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
age: 494
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 87702cd71ac05caa-FRA
content-disposition: inline
content-encoding: br
content-type: application/xhtml+xml
date: Fri, 19 Apr 2024 22:01:47 GMT
etag: W/"ecaabd46fc191f55321d2c2683697460"
expect-ct: max-age=86400, enforce
expires: Fri, 19 Apr 2024 22:02:47 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 en.json Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/ Frame A76D 8 KB
280 B 40ms
40ms Fetch
application/json 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/en.json

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/_next/static/chunks/848-1c0ffa932b6a87ca.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f451ccd1b82076cdf339b4c512eb3363a898c580776fe8e2a4242ffea352b4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8669
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"deeec53da2118f7d45f432e74ecef857"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 87702cd68df73603-FRA
expires: Fri, 19 Apr 2024 22:02:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 67ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Apr 2024 22:01:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1326, tbw=2762, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Yqc2lDWdTuWe1FPXTqQzJzsodJuY3jiT92rBhDEg3odrJQQsS/2uiKAkQVUFcS9RImL/WJyPUOMhKkuxws0Uiw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 99ms
65ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

19281f270f466e15bbaf85a2b145cb2dcbaff75284e9ef3fc604d35a6a633362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18272
x-xss-protection: 0
server: cafe
etag: 73099757262130852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Apr 2024 22:01:47 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
94 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX&l=dataLayer&gtm_preview=gtm_auth=WonWorjHdmyZK4CuPVtRVg&gtm_preview=env-8

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

141a32e58de1a8a4db8cd4b677a11b7407ec3f01f52cfdbae3e59349e654e3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96135
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Apr 2024 22:01:47 GMT

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
165 B 48ms
46ms Ping
text/plain 52.210.64.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.64.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-64-4.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Apr 2024 22:01:47 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1713564106784&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMx...

0
0

GET
H2 200 xCQC3Wupbo8m3lPpUkDhzX5YD4.png
framerusercontent.com/images/ Frame 8171 61 KB
0 0ms
0ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/xCQC3Wupbo8m3lPpUkDhzX5YD4.png?scale-down-to=1024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 08:06:18 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 13442128
x-amzn-requestid: 9b6a1016-27a4-4c1c-bf6c-4dd5244f6e72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="6XV3QoRYI-3BWBe_DspCm9a3NCSkmrDFqjwHk-BzzXFDnYg_qAfC-A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6555cd7a-72716d0321980bee33a7f28e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6XV3QoRYI-3BWBe_DspCm9a3NCSkmrDFqjwHk-BzzXFDnYg_qAfC-A==

GET
H2 200 7dgusnBALjfsS0yucyysUvo9a8o.jpg
framerusercontent.com/images/ Frame 8171 97 KB
0 1ms
1ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7dgusnBALjfsS0yucyysUvo9a8o.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:15:57 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 4938349
x-amzn-requestid: f79f9e01-484c-4a08-bdbc-c2fddeffb140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="WAQd_sbW4hAJjJbZU6bHzlA_TUGyVKUNGsKeutbC_S86jJugOoDOrQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65d78f5d-62e6045614e49c90304ec543;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WAQd_sbW4hAJjJbZU6bHzlA_TUGyVKUNGsKeutbC_S86jJugOoDOrQ==

GET
H2 200 NI61TIlpX6TJbklIpHSie2tEpGE.png
framerusercontent.com/images/ Frame 8171 65 KB
0 2ms
2ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NI61TIlpX6TJbklIpHSie2tEpGE.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 Nov 2023 10:28:33 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 12483193
x-amzn-requestid: 413005f5-e144-4729-aaee-163700256cfb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="3pdDrsysdCywvkn8R81TBxSEZxdYxWJIvj-1ciNGWfmQwv3Ho79OTA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65646f51-5dc48f8225829ec367f04792;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3pdDrsysdCywvkn8R81TBxSEZxdYxWJIvj-1ciNGWfmQwv3Ho79OTA==

GET
H2 200 emCFcnwNiMYScIxwr45IJOzQLg4.png
framerusercontent.com/images/ Frame 8171 5 KB
0 2ms
2ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/emCFcnwNiMYScIxwr45IJOzQLg4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b7b8ac25904dcb445701b5d1efa127727723d8d9e7f440457f12ca5d3b26c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:25 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1390400
x-amzn-requestid: 75f1e76e-20fc-4823-8017-c428c2130abc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="KZaLoBbXBVdigVvEv04_txqYCg45MsVLxWG4kVUnnK6banbrUfOTKA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db289-383c080d3bfe679a0b020e02;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KZaLoBbXBVdigVvEv04_txqYCg45MsVLxWG4kVUnnK6banbrUfOTKA==

GET
H2 200 B2j04d4DELSVPqW3pu2DeFzMZU.png
framerusercontent.com/images/ Frame 8171 5 KB
0 2ms
2ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/B2j04d4DELSVPqW3pu2DeFzMZU.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b27e2ff6dcd76549f2f66acf69dbcc8a5dcc53af127a14ac4e5d33adcd18cde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:41 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1390384
x-amzn-requestid: b23c1655-2496-4d6d-ba25-b5575ea0ccd8
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="5XEW2PkSrb-gcWNBiLC7nslMM0_hlLvfQmhZNsKSXQNnDP0HKxaRBA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db299-77502d3d29d3b3ed0817ab4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5XEW2PkSrb-gcWNBiLC7nslMM0_hlLvfQmhZNsKSXQNnDP0HKxaRBA==

GET
H2 200 f2fwl12tvW9YGosVlJxHf8yLgk.png
framerusercontent.com/images/ Frame 8171 5 KB
0 3ms
3ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/f2fwl12tvW9YGosVlJxHf8yLgk.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4fd7bdd78f1e54f45a4a21f57679cb6fdf3aee47a8d71dd8852a4193eb9c4b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:49:27 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1390338
x-amzn-requestid: e9e15c28-6c87-4076-9450-45e5a8522d05
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="xbHoYkMqWFSY4XocwTUxtivbfyCvOFigWOoQNAjTrs3OJr8ci3W8Sw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db2c6-198fe3572d1549c7708610ba;parent=7e93a6060e332e86;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xbHoYkMqWFSY4XocwTUxtivbfyCvOFigWOoQNAjTrs3OJr8ci3W8Sw==

GET
H2 200 XjelGy0AgZXWBtmYgQFM6So2cZU.png
framerusercontent.com/images/ Frame 8171 25 KB
0 0ms
0ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XjelGy0AgZXWBtmYgQFM6So2cZU.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 17:57:54 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 17640232
x-amzn-requestid: c346a2e6-eb2d-43fb-9561-2d4dd1b33b36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="F0D7s0uLVGFPWfmnA0PCohsHKxh375hLlRUqZTndi3V5NiW7UyeQ5g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515bea2-249c5b1462b996922d6bdf1c;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: F0D7s0uLVGFPWfmnA0PCohsHKxh375hLlRUqZTndi3V5NiW7UyeQ5g==

GET
H2 200 ViCoXi9FWxoh8GjbX1a14g7pZX0.png
framerusercontent.com/images/ Frame 8171 13 KB
0 2ms
2ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ViCoXi9FWxoh8GjbX1a14g7pZX0.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e87381db0061a8a04fd758811bef1906a0f760d8de5bbde1c25f7a7bccdf7f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: d01e4eb0-6340-474b-80c0-55b1115de58d
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="1AKtqFU3EQOWWbrILZE4G-tf7HwG13GNrxRw0vmMS4GHoZVxMluxcA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-2f26307d46f6186b2c4f1c6f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1AKtqFU3EQOWWbrILZE4G-tf7HwG13GNrxRw0vmMS4GHoZVxMluxcA==

GET
H2 200 8ibs6KgHYOJb6Y4lzhBQsszTRc.png
framerusercontent.com/images/ Frame 8171 3 KB
0 3ms
3ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/8ibs6KgHYOJb6Y4lzhBQsszTRc.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10bd3d0e3bef262fe02d35fa3c3153a291e8d8c88625ef4c23882006270f76e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: ffd0bfc1-7f2f-4fc7-9acd-1f5586c76ef5
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Nkl_HRNzBzbtG72HJz7-HUzhFNcuXN5wQcH2mqJr0guGNnnJrk9bPA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-03e2c9b96a32f4f633f203de;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Nkl_HRNzBzbtG72HJz7-HUzhFNcuXN5wQcH2mqJr0guGNnnJrk9bPA==

GET
H2 200 MxRklazzy1Emai1IjUOn2ORYq8.png
framerusercontent.com/images/ Frame 8171 3 KB
0 3ms
3ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/MxRklazzy1Emai1IjUOn2ORYq8.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

65b1970ad0056e9f872f541b8684eaac58af3f4e6af9e8cc46dbba0547aa12f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 9cd05eb4-56cd-4d14-b26b-e05bd67413ad
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="oDlnN5xIN4htctl405jSXTZ7nwgsWGOxaQX_lyQjrNAfpkHnH1mjFw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-59c8d8ec74b1187037153698;parent=41ead940dd0ae5a0;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: oDlnN5xIN4htctl405jSXTZ7nwgsWGOxaQX_lyQjrNAfpkHnH1mjFw==

GET
H2 200 wiRNqk3Xr49CYkBPQk79io2TT1g.png
framerusercontent.com/images/ Frame 8171 5 KB
0 6ms
6ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wiRNqk3Xr49CYkBPQk79io2TT1g.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4242cb0d811aa58c2c1346e393e3f32eabeea6a8b111505ba9d455c519af0a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 88b07d04-c4a8-44bb-840f-bdf84f29aeb9
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="n5Lz2wNjG1eY6ySpDq-yj03FTH7Gr1J5z7N3gatk3VjT_PyHQZsGbQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-26424c4d5df73fe80d2cad86;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: n5Lz2wNjG1eY6ySpDq-yj03FTH7Gr1J5z7N3gatk3VjT_PyHQZsGbQ==

GET
H2 200 5JsrF9pUWaXrgy50k6xEWQpJoxA.png
framerusercontent.com/images/ Frame 8171 15 KB
0 7ms
7ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/5JsrF9pUWaXrgy50k6xEWQpJoxA.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

351ec7eaa47a100223c28f83fcc130fcc711cd585cffcb2e5a13c7aa8c7797e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:19:16 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388550
x-amzn-requestid: 35fcf2c5-9113-4835-87c2-1e3607d7236e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="QCqnL7AmIGw8LjxETUnGYNvyQ5Ab_yjDaLXHUewgeyNnun7VOwuznQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db9c4-7ddc3b4d0ce00a876eb737c8;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QCqnL7AmIGw8LjxETUnGYNvyQ5Ab_yjDaLXHUewgeyNnun7VOwuznQ==

GET
H2 200 ftPWeWr9bdX4s1UGa0CgDGwo6Q.png
framerusercontent.com/images/ Frame 8171 6 KB
0 8ms
8ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ftPWeWr9bdX4s1UGa0CgDGwo6Q.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8e8aeadc29c7a5c988fd6d12f6e2ab09da8e7c266eb92662c88e5485f7ca6a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 0e9e4021-dc89-4725-ac4b-63158ac32908
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="saAv5dewtxJUNy53SeBNnXSeQY0zG1N5ieq9u8nLyyCFQB4Ohf9DVA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-616f85da7187310d38aa6717;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: saAv5dewtxJUNy53SeBNnXSeQY0zG1N5ieq9u8nLyyCFQB4Ohf9DVA==

GET
H2 200 aFXvQ8tvchAhSy28xtqLwAcc.png
framerusercontent.com/images/ Frame 8171 9 KB
0 10ms
10ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/aFXvQ8tvchAhSy28xtqLwAcc.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dc36791a319faca1216172316a62bec25a815789c703e22ca883a6754d60b69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: d3c0b3f9-51c2-442f-8e18-fa888d4c166f
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="VTWMKG86KsWUI7Sw6sBLRbwy52I5dJ0urnafppb6P4YQIYkRLkyVbw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-3a55b3a21e01caea5d57d28d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: VTWMKG86KsWUI7Sw6sBLRbwy52I5dJ0urnafppb6P4YQIYkRLkyVbw==

GET
H2 200 Fi5WiSlR8pQgUTvWiBx9llcchmY.png
framerusercontent.com/images/ Frame 8171 2 KB
0 22ms
22ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Fi5WiSlR8pQgUTvWiBx9llcchmY.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8c1a0ce4d216e8ebccf87693a96b6cddf4f7d72cdfe4d87c1dea22e9b5591e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 38306c3b-1cc1-4d11-bdfe-f7e4591a8eab
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="ANNaUKeGYt2E0Elr7ECHgmypDhc_OCnrenOvWACeXkeCjWo1-QS_Wg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-526d969e22cb279224fafd03;parent=34734ef8c377a80b;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ANNaUKeGYt2E0Elr7ECHgmypDhc_OCnrenOvWACeXkeCjWo1-QS_Wg==

GET
H2 200 Ax6NHsTfN0grr4AHyWTy2Sz2RI.png
framerusercontent.com/images/ Frame 8171 9 KB
0 5ms
5ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Ax6NHsTfN0grr4AHyWTy2Sz2RI.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b5701c4d14b0fc7c3b9376cb94170a68ec73407bd51f1fe168430e37fec2b32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 3e6905e1-af53-4cd5-a73a-766e60fce23e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Vf1Y4KukNRArbkkq9W4mI95DVnGzKh4HUfH1QeReRHYg1LiOajV_lg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-43e8761e72276c392c206454;parent=5ef6032e39bfdbfd;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Vf1Y4KukNRArbkkq9W4mI95DVnGzKh4HUfH1QeReRHYg1LiOajV_lg==

GET
H2 200 8WJAm6JhDhA9oa7JjDgElrhOiQ.png
framerusercontent.com/images/ Frame 8171 10 KB
0 5ms
5ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/8WJAm6JhDhA9oa7JjDgElrhOiQ.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a3c77088d19884e2cb7401a2e9972e357ebb263d905e098014220aeed999815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388809
x-amzn-requestid: 5cf4f05e-68c7-4c04-bb92-72a6d5f0441c
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="fBjxnE97bn7ccWJh3JAYHf8ERquaUjkRzTy1dLxBKAz4W7bq3ndp1Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-5014c2ca11b926b03e287a93;parent=4d7a1a7c792d3cf1;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fBjxnE97bn7ccWJh3JAYHf8ERquaUjkRzTy1dLxBKAz4W7bq3ndp1Q==

GET
H2 200 o5yryGY3RMxXyiyQyqeuPPxOz60.png
framerusercontent.com/images/ Frame 8171 12 KB
0 6ms
6ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/o5yryGY3RMxXyiyQyqeuPPxOz60.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a80765e705635ab8f3f4ca137d925f2958a21147effb88c80e3b9e300ff9129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 46637bc1-f1c0-4eff-b80e-a01d1c83c945
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Qt9YSS6BJlGr4ajq-KsxD0OgR3ZQlkxRRtDbNaceguBLrqquZWzIVQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-51cb383a23a022e62f06d847;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Qt9YSS6BJlGr4ajq-KsxD0OgR3ZQlkxRRtDbNaceguBLrqquZWzIVQ==

GET
H2 200 9ak0DxXbaVM1VoMTeIMa99JiKI.png
framerusercontent.com/images/ Frame 8171 13 KB
0 7ms
7ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/9ak0DxXbaVM1VoMTeIMa99JiKI.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cb5af3540ca60d5b611ff32706a636ed017b8b94ff154cec81b1a6144def5b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: e49d56ed-c89a-4122-9542-dae82d2ce91a
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="OJW6vyov1m08F1WyHuQ_Ci1O19UvRTx-OXA3dvaXcPMRnJ8dpvL_jg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-496ea6cd7b9df6fc35f1ae5a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OJW6vyov1m08F1WyHuQ_Ci1O19UvRTx-OXA3dvaXcPMRnJ8dpvL_jg==

GET
H2 200 hnIi4P7pdlJAXqbv27Bue7JEr2k.png
framerusercontent.com/images/ Frame 8171 4 KB
0 7ms
7ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/hnIi4P7pdlJAXqbv27Bue7JEr2k.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9a5fac4171ae0fa4e6253a625c99f72b75949f1ebde08b51108f26923d51be43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388810
x-amzn-requestid: 387e7d12-7391-4a3d-9de5-6dc02dcecac0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="zzl8gpa_tE4K34GZjX98cny0YvSWm0wWtcnQ1etY0dGTyGalHhfehA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-093bda40237ba4fd282d5175;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zzl8gpa_tE4K34GZjX98cny0YvSWm0wWtcnQ1etY0dGTyGalHhfehA==

GET
H2 200 wlTHpTUu4ykBMBG21EX0CERes.png
framerusercontent.com/images/ Frame 8171 11 KB
0 8ms
8ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wlTHpTUu4ykBMBG21EX0CERes.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5733d9bc8e680afc43dd30cafe37543fd63da220a1472c63c126a43896d29247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: 740e1468-d462-4477-a353-e374bc3e36e0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="MY9YGijTGzRzKIVxIaef8rgmshQ-U8W6EXAm12DibUqdvoA8npqXGg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-744060b15d09108e4111b709;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MY9YGijTGzRzKIVxIaef8rgmshQ-U8W6EXAm12DibUqdvoA8npqXGg==

GET
H2 200 pMOoQGEce2gdLvB4HZNfsf4sY.png
framerusercontent.com/images/ Frame 8171 10 KB
0 9ms
9ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/pMOoQGEce2gdLvB4HZNfsf4sY.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

770c4939f53c96cccac5b0e25ed133940e3d731cfd7c6567e3415e4fa6f66002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: 112cbf87-6183-4300-bd3b-e9d5a6080319
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="RCy9QsoA0iG349twLGOXoD07I1-MoWtdZHsh5Cy9dI41QlKkmn92FQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-257e295850b9ea1d6b049c28;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: RCy9QsoA0iG349twLGOXoD07I1-MoWtdZHsh5Cy9dI41QlKkmn92FQ==

GET
H2 200 GqxnFscgQXWBc0FTLQUcBVmIfV8.png
framerusercontent.com/images/ Frame 8171 12 KB
0 10ms
10ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/GqxnFscgQXWBc0FTLQUcBVmIfV8.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1462a6870c6180f472f6a9740ab8e38dee1bc0c467871e1e32e433806320b4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: 4eeffb6a-23dc-4897-bf51-367a8f3f6fbf
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="_-xlQ5njpRvnPGTOxPRBHqhwpL9DXth7OZAC3-6KXEgM0MXAp6JUxA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-1f4926595178469236cb7a7a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _-xlQ5njpRvnPGTOxPRBHqhwpL9DXth7OZAC3-6KXEgM0MXAp6JUxA==

GET
H2 200 eODr1NJCd9NMOsg3WpToY6znD0.png
framerusercontent.com/images/ Frame 8171 15 KB
0 10ms
10ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/eODr1NJCd9NMOsg3WpToY6znD0.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9164300fd0eeac414cbba5c13af67cecac3685ffc4fa1f18e582056d46490487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1388811
x-amzn-requestid: 26e63173-cda4-4116-b7f9-6b3df5b70d29
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="7UiGmLuyNSO9zqh9DVaFdn7JSOxtMAfv0zNdffGncpSdpA72O4aIAQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-787743b1177b9d017868a88e;parent=382592e15e444519;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7UiGmLuyNSO9zqh9DVaFdn7JSOxtMAfv0zNdffGncpSdpA72O4aIAQ==

GET
H2 200 yhcjbBUdWKuI5ee25BmmDwVlQ.png
framerusercontent.com/images/ Frame 8171 3 KB
0 11ms
11ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/yhcjbBUdWKuI5ee25BmmDwVlQ.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a05264144271a335fb2ba344835479c8b97cca952f010b9cb8c2d3917abfa50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:25:58 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1391748
x-amzn-requestid: 880339d6-3db5-4cff-922c-9d784925e18a
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="NDKGuI1PHb9Xl6DWwFtWd4ycuMbQxYYfcR_YT4kLSkt25agWNN64cQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad46-14e9b9a6208a1250783bd69a;parent=3ee3c348b457ba85;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: NDKGuI1PHb9Xl6DWwFtWd4ycuMbQxYYfcR_YT4kLSkt25agWNN64cQ==

GET
H2 200 uMy6gIwSwWrVGDsXDGVWHHKzYEE.png
framerusercontent.com/images/ Frame 8171 3 KB
0 12ms
12ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/uMy6gIwSwWrVGDsXDGVWHHKzYEE.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

45c345166436583f0abd394d710d9eeaa329108cdd1a3f09556192d38227cf54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1391743
x-amzn-requestid: 614a176e-58c0-4338-a7f0-8da006b9677e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="8sQkjOR3q6oA7dLrU1xPXdgRH-x6AupP_TXxFJP7--fTlzJWR8iXwQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-01d684fc19c54c0573d4a145;parent=592f8614859ed3a8;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8sQkjOR3q6oA7dLrU1xPXdgRH-x6AupP_TXxFJP7--fTlzJWR8iXwQ==

GET
H2 200 NRqZdfp0sRwRZ2mBC3XB3MGG4.png
framerusercontent.com/images/ Frame 8171 2 KB
0 12ms
12ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NRqZdfp0sRwRZ2mBC3XB3MGG4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7fcb5ce28fc78270827a658038cdbd41ccfd7046c1e2a5722c745f6a41fbcb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1391743
x-amzn-requestid: a72a37c2-8d1f-4b7c-a9c6-36928c59ecf1
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="N0buS93e-5inq-o2eocJSaWir7x-wUccgWFs653Y6_T1JNMnj29ldw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-14fb96f06813c3ab16d39a6a;parent=0473473adef448a2;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: N0buS93e-5inq-o2eocJSaWir7x-wUccgWFs653Y6_T1JNMnj29ldw==

GET
H2 200 c8bJ9cJNZu0SSI90azRcdddA.png
framerusercontent.com/images/ Frame 8171 3 KB
0 13ms
13ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/c8bJ9cJNZu0SSI90azRcdddA.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d5d57d912d1e17d9db264a07b64a6a3ed4265303e1d73c542ec3cc2d1ef672c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1391743
x-amzn-requestid: f067016b-8a63-4afe-b438-64a09037f935
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="wTKueH7yiknujzmpWGdYZib4joRIsqKksh0ELJnn7uXjyE63g4aOXQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-081a6b1244d6a917705fe4fb;parent=1f92f6a054dbf007;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wTKueH7yiknujzmpWGdYZib4joRIsqKksh0ELJnn7uXjyE63g4aOXQ==

GET
H2 200 PJj4RY5yFu6gqPz485dMfCclbxQ.png
framerusercontent.com/images/ Frame 8171 16 KB
0 13ms
13ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PJj4RY5yFu6gqPz485dMfCclbxQ.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cc05f6874071cc404007806efb2cfedefe4b82aca5469dfaf9c5cc3720d91347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:25 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1391661
x-amzn-requestid: 55909a7d-6c51-45ee-abca-67c8443054bc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="e49cAKBN0xeYw3N73Eh9NYNqxBlx1a-tFScKXVxkJ8NH5-3u8ao5Kw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad9c-782eb4a7627511237e817f9f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: e49cAKBN0xeYw3N73Eh9NYNqxBlx1a-tFScKXVxkJ8NH5-3u8ao5Kw==

GET
H2 200 gMGCZacBG9NmOgMr0vAlUWzMM.png
framerusercontent.com/images/ Frame 8171 2 KB
0 14ms
14ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/gMGCZacBG9NmOgMr0vAlUWzMM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6c7105dd948f39cf942552d784adc2784ae2ab999863706fd3f79ec370906ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1391743
x-amzn-requestid: 955649e1-5ec9-4dac-a9a5-59b23b6abde1
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="xkc0OTaDLryFwTMMTtkxgE46mYrsx8wY3C8tpT7M0z0geynQEwD0Jg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-639593ed4cbcf0391b54d492;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xkc0OTaDLryFwTMMTtkxgE46mYrsx8wY3C8tpT7M0z0geynQEwD0Jg==

GET
H2 200 6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ Frame 8171 214 B
0 13ms
13ms Image
image/svg+xml 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jul 2023 10:01:00 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 24667246
x-amzn-requestid: cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Rgv1Qi0Qpm3Vsp9waI5MWXYR4YbinikFR7QfTG98fJrMI8ogkNnAqw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Rgv1Qi0Qpm3Vsp9waI5MWXYR4YbinikFR7QfTG98fJrMI8ogkNnAqw==

GET
H2 200 11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ Frame 8171 215 B
0 13ms
13ms Image
image/svg+xml 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 12:09:35 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 12131531
x-amzn-requestid: f927c207-5d43-4a31-84ec-0d06d0c63c6a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="yGgIOH-yn2zWpkQGjvDTLHd6fQhZAPq5TfzzgiZ2CHvqhoMdLfTsGw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6569ccff-42414f1e2713071463b83623;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: yGgIOH-yn2zWpkQGjvDTLHd6fQhZAPq5TfzzgiZ2CHvqhoMdLfTsGw==

GET
H2 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame 8171 176 KB
0 4ms
4ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 9643496
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Xr4jJfOrLoya2W-y-rBHU57DwTmFkRejKzXMTj7dxeEh3tG5maV_sg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Xr4jJfOrLoya2W-y-rBHU57DwTmFkRejKzXMTj7dxeEh3tG5maV_sg==

GET
H2 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame 8171 74 KB
0 5ms
5ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 9593996
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="XKSvRcPK__EvDOwLgeYNjtdgOXhokLyE-V2T2AMz4evx10v3uZklJw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XKSvRcPK__EvDOwLgeYNjtdgOXhokLyE-V2T2AMz4evx10v3uZklJw==

GET
H2 200 Bxu6GY24oplllZd0X0beaOpeu1Y.png
framerusercontent.com/images/ Frame 8171 33 KB
0 5ms
5ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Bxu6GY24oplllZd0X0beaOpeu1Y.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 21:04:09 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 17629057
x-amzn-requestid: 47a703ad-c5a4-4663-a7ca-41b0215b5529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="fhUi9HvgSTQJYHfF9kTylW511NOOtY4Y5sZgPWvZF_gM2tf3a-ccgg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515ea49-22781c72779d140e4acf41d7;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fhUi9HvgSTQJYHfF9kTylW511NOOtY4Y5sZgPWvZF_gM2tf3a-ccgg==

GET
H2 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame 8171 39 KB
0 6ms
6ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

64ee05b98a022eb8e7c5f531342a77e8265378f08c4665c90e0b0ca953373b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11056426
x-amzn-requestid: ac6a76f4-935a-4fe5-8b35-27cf98ada30c
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="qMo2mkXTIJnq6MRDUsxDdADhgGYGxsGZvZSA2r56ADXNndW83SyrxA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-5adfee7741d945b93610ede9;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qMo2mkXTIJnq6MRDUsxDdADhgGYGxsGZvZSA2r56ADXNndW83SyrxA==

GET
H2 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame 8171 14 KB
0 6ms
6ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11056426
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="j8F18ppqSjH7GTpI5CbBap5e1JkN-d4Z7MtxTp_VmfubwXp9F23Byg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: j8F18ppqSjH7GTpI5CbBap5e1JkN-d4Z7MtxTp_VmfubwXp9F23Byg==

GET
H2 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame 8171 3 KB
0 6ms
6ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11056436
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Htk0AA79CfkwvLcD43gp_Uzk4K1FvZG6LajD2kOiHZDRpTJ0YTTuUw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Htk0AA79CfkwvLcD43gp_Uzk4K1FvZG6LajD2kOiHZDRpTJ0YTTuUw==

GET
H2 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame 8171 36 KB
0 6ms
6ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11056425
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="JWP1tSRf6IejxkOFXs90RGDQlatEjBJP405BXKll1xgjnVk31k0TlQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JWP1tSRf6IejxkOFXs90RGDQlatEjBJP405BXKll1xgjnVk31k0TlQ==

GET
H2 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame 8171 37 KB
0 7ms
7ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11412631
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="IkF3-EExmUPHPChBKfjojb1CPdTkwATlgN-mG35mBj6Y5ZP2r-s9Kw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IkF3-EExmUPHPChBKfjojb1CPdTkwATlgN-mG35mBj6Y5ZP2r-s9Kw==

GET
H2 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame 8171 69 KB
0 7ms
7ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11412631
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="YFQn1IZmqBJpv-AemUStQL3eyaUeit1GfaamQcx5TKScxDJydyzoyA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: YFQn1IZmqBJpv-AemUStQL3eyaUeit1GfaamQcx5TKScxDJydyzoyA==

GET
H2 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame 8171 45 KB
0 8ms
8ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11056425
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="gIAWHOMwPTc4oqF2T9knem5la7c-W9hGg1JKX1lx0NRi9xKZY9AVzw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gIAWHOMwPTc4oqF2T9knem5la7c-W9hGg1JKX1lx0NRi9xKZY9AVzw==

GET
H2 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame 8171 24 KB
0 8ms
8ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11056425
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="OrPRSUqfC132VALdzKNKlbenselpKRZVSWFGg3XBI_PN2TP97fAZ1w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OrPRSUqfC132VALdzKNKlbenselpKRZVSWFGg3XBI_PN2TP97fAZ1w==

GET
H2 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame 8171 25 KB
0 9ms
9ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11412631
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="_rVJVFdCOoJy0M2bR8SGTQJOrgA-a9YsadSYrYvJUh1_UjGQYpxaqQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _rVJVFdCOoJy0M2bR8SGTQJOrgA-a9YsadSYrYvJUh1_UjGQYpxaqQ==

GET
H2 200 wkMxGLA0wVGsaSgWt2doW86Zic.png
framerusercontent.com/images/ Frame 8171 31 KB
0 9ms
9ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wkMxGLA0wVGsaSgWt2doW86Zic.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11056425
x-amzn-requestid: ba6827ad-aabc-411e-9dc2-dfa723dd0780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="oWxsROIyUlJgrtbrhtfj1e6E3R7tw4v7yvWEsWKILq_ceObvsyDUbw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-644b15642b1ea7fc78e9b405;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: oWxsROIyUlJgrtbrhtfj1e6E3R7tw4v7yvWEsWKILq_ceObvsyDUbw==

GET
H2 200 UPxnowvsa2Fbt3lp5oDDFXRjROc.png
framerusercontent.com/images/ Frame 8171 32 KB
0 10ms
10ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/UPxnowvsa2Fbt3lp5oDDFXRjROc.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:05 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11580461
x-amzn-requestid: e03300e0-9cad-43fc-8ab6-de726d6b5f30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="6HgA0-g7H9aKv6Y26u1dPwgLJF3VV2dm04skZXoY4qEdHjjGGCxdiw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-765ffb934b7dbe1f748e348d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6HgA0-g7H9aKv6Y26u1dPwgLJF3VV2dm04skZXoY4qEdHjjGGCxdiw==

GET
H2 200 2Zx97veGwo826dqlIbR2hMKiY.png
framerusercontent.com/images/ Frame 8171 85 KB
0 10ms
10ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2Zx97veGwo826dqlIbR2hMKiY.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Dec 2023 23:57:38 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11743448
x-amzn-requestid: c6578a5d-2b8c-483a-ac9d-b78066b234a7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="NCezgbmXnQXSxDfbuguqfFzEEDdFHZaMXMU6Oc8SQOY-tYEnrRAWVg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-656fb8f2-1a3284985a17b98d6b56e9b6;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: NCezgbmXnQXSxDfbuguqfFzEEDdFHZaMXMU6Oc8SQOY-tYEnrRAWVg==

GET
H2 200 i6iRuC8inkOu49dyb2cMx7KLX9o.png
framerusercontent.com/images/ Frame 8171 32 KB
0 11ms
11ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/i6iRuC8inkOu49dyb2cMx7KLX9o.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:04 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11580462
x-amzn-requestid: d1276dde-ce3c-43b3-bdf2-19fb56353b67
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="XldahmkUBwYFUsS_OnHlSZTBA2gCfrQaYSb0H-pwtkXnlmIHEshqPw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-6d94249e4d78cc9c47e01d91;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XldahmkUBwYFUsS_OnHlSZTBA2gCfrQaYSb0H-pwtkXnlmIHEshqPw==

GET
H2 200 4Um58dLygSHRrlUbzVAaCiPfHeE.png
framerusercontent.com/images/ Frame 8171 61 KB
0 11ms
11ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Um58dLygSHRrlUbzVAaCiPfHeE.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 02:47:41 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 10955645
x-amzn-requestid: 76e437ee-349e-4296-8605-83da030eb99b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="VkCbLxmG0hc11zKJe2vRIS39Q-uSCNNqMFkVl_gkML7nVCSQri_RuA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657bbe4d-6fba888c030366654cd8e9e2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: VkCbLxmG0hc11zKJe2vRIS39Q-uSCNNqMFkVl_gkML7nVCSQri_RuA==

GET
H2 200 OwD5vj1mJJkrw8fQ4TLBsZu7VY.png
framerusercontent.com/images/ Frame 8171 67 KB
0 12ms
12ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OwD5vj1mJJkrw8fQ4TLBsZu7VY.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 11056424
x-amzn-requestid: 78b339dd-e4b5-456c-bb1c-74370a5115ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="5OdhZZJZKCnA6sEYFQo1eOlFyULEaM2MDJsKs88KD3ROWufJDnpYZg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-47094d6076a345a112379c31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5OdhZZJZKCnA6sEYFQo1eOlFyULEaM2MDJsKs88KD3ROWufJDnpYZg==

GET
H2 200 xCQC3Wupbo8m3lPpUkDhzX5YD4.png
framerusercontent.com/images/ Frame 8171 61 KB
0 12ms
12ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/xCQC3Wupbo8m3lPpUkDhzX5YD4.png?scale-down-to=1024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 08:06:18 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 13442128
x-amzn-requestid: 9b6a1016-27a4-4c1c-bf6c-4dd5244f6e72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="6XV3QoRYI-3BWBe_DspCm9a3NCSkmrDFqjwHk-BzzXFDnYg_qAfC-A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6555cd7a-72716d0321980bee33a7f28e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6XV3QoRYI-3BWBe_DspCm9a3NCSkmrDFqjwHk-BzzXFDnYg_qAfC-A==

GET
H2 200 7dgusnBALjfsS0yucyysUvo9a8o.jpg
framerusercontent.com/images/ Frame 8171 97 KB
0 13ms
13ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7dgusnBALjfsS0yucyysUvo9a8o.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:15:57 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 4938349
x-amzn-requestid: f79f9e01-484c-4a08-bdbc-c2fddeffb140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="WAQd_sbW4hAJjJbZU6bHzlA_TUGyVKUNGsKeutbC_S86jJugOoDOrQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65d78f5d-62e6045614e49c90304ec543;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WAQd_sbW4hAJjJbZU6bHzlA_TUGyVKUNGsKeutbC_S86jJugOoDOrQ==

GET
H2 200 NI61TIlpX6TJbklIpHSie2tEpGE.png
framerusercontent.com/images/ Frame 8171 65 KB
0 14ms
14ms Image
image/webp 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NI61TIlpX6TJbklIpHSie2tEpGE.png?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 Nov 2023 10:28:33 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 12483193
x-amzn-requestid: 413005f5-e144-4729-aaee-163700256cfb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="3pdDrsysdCywvkn8R81TBxSEZxdYxWJIvj-1ciNGWfmQwv3Ho79OTA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65646f51-5dc48f8225829ec367f04792;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3pdDrsysdCywvkn8R81TBxSEZxdYxWJIvj-1ciNGWfmQwv3Ho79OTA==

GET
H2 200 emCFcnwNiMYScIxwr45IJOzQLg4.png
framerusercontent.com/images/ Frame 8171 5 KB
0 14ms
14ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/emCFcnwNiMYScIxwr45IJOzQLg4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b7b8ac25904dcb445701b5d1efa127727723d8d9e7f440457f12ca5d3b26c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:25 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1390400
x-amzn-requestid: 75f1e76e-20fc-4823-8017-c428c2130abc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="KZaLoBbXBVdigVvEv04_txqYCg45MsVLxWG4kVUnnK6banbrUfOTKA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db289-383c080d3bfe679a0b020e02;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KZaLoBbXBVdigVvEv04_txqYCg45MsVLxWG4kVUnnK6banbrUfOTKA==

GET
H2 200 B2j04d4DELSVPqW3pu2DeFzMZU.png
framerusercontent.com/images/ Frame 8171 5 KB
0 15ms
15ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/B2j04d4DELSVPqW3pu2DeFzMZU.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b27e2ff6dcd76549f2f66acf69dbcc8a5dcc53af127a14ac4e5d33adcd18cde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:41 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1390384
x-amzn-requestid: b23c1655-2496-4d6d-ba25-b5575ea0ccd8
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="5XEW2PkSrb-gcWNBiLC7nslMM0_hlLvfQmhZNsKSXQNnDP0HKxaRBA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db299-77502d3d29d3b3ed0817ab4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5XEW2PkSrb-gcWNBiLC7nslMM0_hlLvfQmhZNsKSXQNnDP0HKxaRBA==

GET
H2 200 f2fwl12tvW9YGosVlJxHf8yLgk.png
framerusercontent.com/images/ Frame 8171 5 KB
0 15ms
15ms Image
image/png 2600:9000:2490:5c00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/f2fwl12tvW9YGosVlJxHf8yLgk.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:5c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4fd7bdd78f1e54f45a4a21f57679cb6fdf3aee47a8d71dd8852a4193eb9c4b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:49:27 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
age: 1390338
x-amzn-requestid: e9e15c28-6c87-4076-9450-45e5a8522d05
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="xbHoYkMqWFSY4XocwTUxtivbfyCvOFigWOoQNAjTrs3OJr8ci3W8Sw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db2c6-198fe3572d1549c7708610ba;parent=7e93a6060e332e86;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xbHoYkMqWFSY4XocwTUxtivbfyCvOFigWOoQNAjTrs3OJr8ci3W8Sw==

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1713564106784&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMx...

0
0

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?dtstmp=1713564107829&aid=b-00ri&se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564107829&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMx...

43 B
240 B

378ms
121ms

Image
image/gif

3.212.143.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564107829&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
Protocol: H2
Server: 3.212.143.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-143-46.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 22:01:48 GMT
x-pixel-event-id: 27df7b90-0bbe-4a94-a0ee-9d45cfc44e24
content-length: 43
content-type: image/gif

Redirect headers

location: https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564107829&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
date: Fri, 19 Apr 2024 22:01:47 GMT
content-length: 0

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?dtstmp=1713564107829&aid=b-00ri&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYW...
https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTM1NjQxMDY3ODQmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaH...

43 B
241 B

376ms
120ms

Image
image/gif

3.212.143.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTM1NjQxMDY3ODQmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHZ3NjJmLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzEzNTY0MTA2Nzg0JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564107829&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
Protocol: H2
Server: 3.212.143.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-143-46.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 22:01:48 GMT
x-pixel-event-id: 5b18f531-c8a3-4b3d-b385-93a47e444113
content-length: 43
content-type: image/gif

Redirect headers

location: https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTM1NjQxMDY3ODQmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHZ3NjJmLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzEzNTY0MTA2Nzg0JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564107829&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
date: Fri, 19 Apr 2024 22:01:47 GMT
content-length: 0

GET
H2 200 remediation_1713447826466.js Show response
cdn.userway.org/widgetapp/2024-04-18-13-43-46/remediation/ 108 KB
30 KB 31ms
30ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/remediation/remediation_1713447826466.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/widget_app_base_1713447826466.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3f51786b1836607a14b5b75a50690195ae8127e9c277863b6a66f2047b12db16

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 1183
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114040
x-accel-date: 1713450067
x-77-nzt: EgwBw7WqEQH3eL0BAAwBJRPCLgH3SwMAAA
x-accel-expires: @1739369224
x-77-age: 114883
last-modified: Thu, 18 Apr 2024 13:45:56 GMT
server: CDN77-Turbo
etag: W/"a654c1e268c9018154cec018663c9d04"
x-77-nzt-ray: 4c156224336ea7d4cbe922668af86132
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: ShOKR-TyPbHWJROUsS8iqqUksB0WMzDkHit54wZMFpJxXxATIyih_Q==

GET
H2 200 UVSmUaxusw7M1GYM.json Show response
cdn.userway.org/remediations/consolidated/2055530/ 863 KB
112 KB 40ms
40ms XHR
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2055530/UVSmUaxusw7M1GYM.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 705cb58b6d8f249a2e6561f5f26c5c8215ccbbed4f6999b58a177b51ba973e0b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 14
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 109490
x-accel-date: 1713454617
x-77-nzt: EgwBw7WqEQH3sqsBAAwBJRPCLgH3UBYAAA
x-accel-expires: @1744984905
x-77-age: 115202
last-modified: Fri, 26 Jan 2024 19:09:21 GMT
server: CDN77-Turbo
etag: W/"c5c5889155a8211cb42cb207ea675922"
x-77-nzt-ray: 4c156224336ea7d4cbe92266ef6a6932
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: KyHcUWn6aZLTbDZ326iHoCaNc0qaCStKWEyavbzUMOn2Jv9y9hY8UQ==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 23ms
23ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 8
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114041
x-accel-date: 1713450066
x-77-nzt: EgwBw7WqEQH3eb0BAAwBisclxAH33QQAAA
x-accel-expires: @1739368821
x-77-age: 115286
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: 4c1562246b5a43d3cbe9226690d00733
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: 6-s6GkDnp_0w5c38VkCD8O-1TH9d2cXNisTFW-5-pivoaHXwsCcEWg==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 313
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114041
x-accel-date: 1713450066
x-77-nzt: EgwBw7WqEQH3eb0BAAwB1GY4EQH32wQAAA
x-accel-expires: @1739368823
x-77-age: 115284
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 4c1562246b5a43d3cbe9226661740d33
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: eczyzrRV-Dgb4XUpfnDP9Gl1-EsITjm4QIT7WEYfGfDAXJQwHLsyCQ==

GET
H2 200 353467326379958 Show response
connect.facebook.net/signals/config/ 61 KB
14 KB 35ms
34ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/353467326379958?v=2.9.154&r=stable&domain=www.biltrewards.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bd934921e2f02028743c8b37e4108cd1870c33f3c40e27f409f952f954327fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Apr 2024 22:01:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13958
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=62, mss=1326, tbw=63209, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 6jW6fFL544sQJ+zDyisEp6EBP5f91p2VDHwq8B85LwmhM6klyl9YDciAAPq9CE0hIutQ/iulng/ZJtcf/1pCew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/10874839969/ 3 KB
1 KB 36ms
35ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10874839969/?random=1713564108097&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5574e20c1060dc6456d8a12e6de4732cb5bc19586398121e08a9cabe45c0219f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 22:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1458
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10874839969/ 43 B
61 B 85ms
33ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10874839969/?random=1713564108103&cv=9&fst=1713564108103&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C509562773%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DBilt%20Rewards%3Burl%3Dhttps%3A%2F%2Fwww.biltrewards.com%2F&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 22:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-04-18-13-43-46/paid/ 55 KB
20 KB 21ms
20ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-04-18-13-43-46/paid/remediation-tool.js?ts=1713447826466
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/widget_app_base_1713447826466.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 58e902446fe39b5fa37273eae3ebc68eeeec63d2c7b3b28c9978d3ebc1f2e9d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:48 GMT
via: 1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 776
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114040
x-accel-date: 1713450068
x-77-nzt: EgwBw7WqEQH3eL0BAAwBnJIhJwH34gQAAA
x-accel-expires: @1739368818
x-77-age: 115290
last-modified: Thu, 18 Apr 2024 13:46:00 GMT
server: CDN77-Turbo
etag: W/"c2ff6e82688d3a71c72997f94aecdb40"
x-77-nzt-ray: 4c156224336ea7d4cce922668986330d
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: bvFqBJR6rvHd_-fRpTs-x4uc5nj_pz0vgCGuBhJUIXY5nb3nD34xRw==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 69ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353467326379958&ev=PageView&dl=https%3A%2F%2Fwww.biltrewards.com&rl=&if=false&ts=1713564108329&sw=1600&sh=1200&ud[external_id]=e3323846033281b473e65369a6555be9959def9cfce44b51d9ae78ade491ab7f&v=2.9.154&r=stable&a=seg&ec=0&o=4124&fbp=fb.1.1713564108328.182321344&pm=1&hrl=f542a7&ler=empty&cdl=API_unavailable&it=1713564107978&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-906ed85c1300700c9bbdc3632eefff76&cs_cc=1&cas=7368986099863077%2C5027429843991248%2C5406700332768189%2C4118934621525755%2C4544091382281257%2C4076096172505397%2C4526720607360042%2C4175906249165104%2C6099185086759110&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1326, tbw=2755, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 22:01:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/10874839969/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10874839969/?random=1102432886&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.com/pagead/1p-conversion/10874839969/?random=1102432886&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_h...
https://www.google.de/pagead/1p-conversion/10874839969/?random=1102432886&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_hi...

42 B
64 B

67ms
35ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10874839969/?random=1102432886&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3qjb36PPhQMVpeQRCB3nnwgaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqzFBHCnjFTsMMhsbtOZUikFfdp7fU3p5zHpK4juXK-6mTaB5S&random=4071477376&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 22:01:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Apr 2024 22:01:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10874839969/?random=1102432886&cv=9&fst=1713564108097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI3qjb36PPhQMVpeQRCB3nnwgaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqzFBHCnjFTsMMhsbtOZUikFfdp7fU3p5zHpK4juXK-6mTaB5S&random=4071477376&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UVSmUaxusw7M1GYM.json Show response
cdn.userway.org/remediations/consolidated/2055530/ 863 KB
0 0ms
0ms Fetch
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2055530/UVSmUaxusw7M1GYM.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 705cb58b6d8f249a2e6561f5f26c5c8215ccbbed4f6999b58a177b51ba973e0b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:47 GMT
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 14
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 109490
x-accel-date: 1713454617
x-77-nzt: EgwBw7WqEQH3sqsBAAwBJRPCLgH3UBYAAA
x-accel-expires: @1744984905
x-77-age: 115202
last-modified: Fri, 26 Jan 2024 19:09:21 GMT
server: CDN77-Turbo
etag: W/"c5c5889155a8211cb42cb207ea675922"
x-77-nzt-ray: 4c156224336ea7d4cbe92266ef6a6932
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: KyHcUWn6aZLTbDZ326iHoCaNc0qaCStKWEyavbzUMOn2Jv9y9hY8UQ==

GET
H2 200 de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
sync-transcend-cdn.com/consent-manager/ Frame EBE1 0
0 38ms
38ms Document
application/xhtml+xml 2606:4700::6812:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://id.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
age: 495
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 87702cdf08a95caa-FRA
content-disposition: inline
content-encoding: br
content-type: application/xhtml+xml
date: Fri, 19 Apr 2024 22:01:48 GMT
etag: W/"ecaabd46fc191f55321d2c2683697460"
expect-ct: max-age=86400, enforce
expires: Fri, 19 Apr 2024 22:02:48 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
www.biltrewards.com/ 15 KB
3 KB 29ms
29ms Other
image/vnd.microsoft.icon 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9fff2bb0ae4e7b8399d2af77253fecd38540f21fbd2e5899f1459eec325a4cca

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 22:01:48 GMT
strict-transport-security: max-age=63072000
age: 3241
content-disposition: inline; filename="favicon.ico"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::pq4xx-1713564108736-60c7ecf62fa9
x-matched-path: /favicon.ico
etag: W/"8709c36a9447ce8f70f68b6627d2c739"
x-vercel-cache: HIT
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H2 200 2055530 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 200ms
175ms Fetch
application/json 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/2055530
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:49 GMT
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 51
x-service-version: apps-ddb67952

GET
H2 200 2055530 Show response
api.userway.org/api/br-links/v0/links/ 86 B
452 B 201ms
176ms Fetch
application/json 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/2055530
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3f7853bd4d6086be63374d96af8f4297718ae35b74698c30e362bf43a1d888a5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:49 GMT
etag: W/"56-Q78UpHasXJc4bkSkw+leqwZtTHI"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 86
x-service-version: apps-ddb67952

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/ 203 B
758 B 22ms
22ms Fetch
application/json 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Ftvspix.com%2Ft.png%22%2C%22alt%22%3A%22%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9eb94d0e2d04f7b70c7077d41fd696e37f907326f3a8da175cd2692f58a3b0b8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:49 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
x-age: 199389
x-accel-date: 1713364720
x-service-version: img-dscr-srv-8d5b377c
x-77-nzt: EgwB1GY4tAH33QoDAAwBnJIhHwH3+PUGAA
x-accel-expires: @1713969520
x-77-age: 655573
server: CDN77-Turbo
etag: W/"cb-VcEGOmjk6/aVZ+dPlTrcmCsXD2g"
x-77-nzt-ray: 6d204d11d5dd9d2bcde92266ef9aa02a
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/ Frame 0
0 565ms
494ms Preflight 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Ftvspix.com%2Ft.png%22%2C%22alt%22%3A%22%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Fri, 19 Apr 2024 22:01:49 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggB1GY4tAAACAGckiEfAAA
x-77-nzt-ray: 6d204d11d5dd9d2bcde922663bbf1c0d
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-8d5b377c

GET
H2 200 nav_menu_helper_1713447826466.js Show response
cdn.userway.org/widgetapp/2024-04-18-13-43-46/remediation/ 23 KB
7 KB 22ms
21ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/remediation/nav_menu_helper_1713447826466.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-18-13-43-46/widget_app_base_1713447826466.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 19 Apr 2024 22:01:49 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 1181
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 114044
x-accel-date: 1713450065
x-77-nzt: EgwBw7WqEQH3fL0BAAwBisclwQH3SQMAAA
x-accel-expires: @1739369224
x-77-age: 114885
last-modified: Thu, 18 Apr 2024 13:45:56 GMT
server: CDN77-Turbo
etag: W/"d5babf1f477d0f7bf4044b0693b956d9"
x-77-nzt-ray: 4c156224336ea7d4cde92266fd11bf12
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: WYveLIb7lPBqUZGvovtRQk8XLUGSVhT7kJmAGNGO4uUU31ipfPYEPA==

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.biltrewards.com%2F/DESKTOP/WIDGET_ON/ 77 B
454 B 181ms
180ms Fetch
application/json 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.biltrewards.com%2F/DESKTOP/WIDGET_ON/status
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/3823-9f814568c01d4885.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:35a7:a435:ab78:9e3e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 22:01:53 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-fa0246c1

GET
H2 204 js_tracking Show response
tags.srv.stackadapt.com/ 0
154 B 115ms
115ms XHR
text/plain 3.69.41.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.biltrewards.com%2F&uid=CLz8BddIbHunRwx9J6JGIQ&v=1&host=https%3A%2F%2Fwww.biltrewards.com
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-26.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Fri, 19 Apr 2024 22:01:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.redditstatic.com
URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_7lmxmkme_telemetry

Domain: conversions-config.reddit.com
URL: https://conversions-config.reddit.com/v1/pixel/error

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/p	1970-01-21 05:35:24	Name: lidid Value: 8a2a8bdf-49cd-43fe-81e3-130ba77d6074
.biltrewards.com/	1970-01-20 22:09:00	Name: _gcl_au Value: 1.1.1457506645.1713564106
.mgln.ai/	1970-01-20 21:25:48	Name: arc_id Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkltVmlNV05pTVdKbUxUTXpNekF0TkRZM09DMDVZekkyTFdFek9EVXdPVEE0TkRkaVlTST0iLCJleHAiOiIyMDI0LTA2LTE4VDIyOjAxOjQ2LjMwNloiLCJwdXIiOiJjb29raWUuYXJjX2lkIn19--ea7e9ac9df3bec6143ed78b3ad35379f017438ec
tags.srv.stackadapt.com/	1970-01-21 04:45:00	Name: sa-user-id Value: s%3A0-0d225ab0-38c3-5916-4084-f9a3624ee162.kEBNRL2TgNKTb9v7TBO8VzyKhvHmmTA9YAvlt1YtAN4
.srv.stackadapt.com/	1970-01-21 04:45:00	Name: sa-user-id Value: s%3A0-0d225ab0-38c3-5916-4084-f9a3624ee162.kEBNRL2TgNKTb9v7TBO8VzyKhvHmmTA9YAvlt1YtAN4
tags.srv.stackadapt.com/	1970-01-21 04:45:00	Name: sa-user-id-v2 Value: s%3ADSJasDjDWRZAhPmjYk7hYlQTr6U.zyttRg8NpCDizkD5YvdGsZCmHttaGsRpUYt2ZVwZfEs
.srv.stackadapt.com/	1970-01-21 04:45:00	Name: sa-user-id-v2 Value: s%3ADSJasDjDWRZAhPmjYk7hYlQTr6U.zyttRg8NpCDizkD5YvdGsZCmHttaGsRpUYt2ZVwZfEs
tags.srv.stackadapt.com/	1970-01-21 04:45:00	Name: sa-user-id-v3 Value: s%3AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYEHwYBCDK04uxBjABOgS9M-cxQgRhK9tF.%2B0VUgGzVseUdHGdqcOkvtes3s%2BLp%2BlIGJyVUZLjLUFU
.srv.stackadapt.com/	1970-01-21 04:45:00	Name: sa-user-id-v3 Value: s%3AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYEHwYBCDK04uxBjABOgS9M-cxQgRhK9tF.%2B0VUgGzVseUdHGdqcOkvtes3s%2BLp%2BlIGJyVUZLjLUFU
.tiktok.com/	1970-01-21 05:21:00	Name: _ttp Value: 2fKyXvrL2KAyAZOWvEfHbBhxyvy
.biltrewards.com/	1970-01-21 05:35:24	Name: _ga_QLSYZKSM0E Value: GS1.1.1713564106.1.0.1713564106.0.0.0
.biltrewards.com/	1970-01-21 05:35:24	Name: _ga Value: GA1.1.434469178.1713564107
.biltrewards.com/	1970-01-20 22:09:00	Name: _rdt_uuid Value: 1713564106582.78c7d385-b509-48bb-8e85-39631b79bd84
.tapad.com/	1970-01-20 21:25:48	Name: TapAd_TS Value: 1713564106573
.tapad.com/	1970-01-20 21:25:48	Name: TapAd_DID Value: f4da7ee7-70ed-4c84-b3fe-3681d7f96a34
.biltrewards.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .biltrewards.com
.biltrewards.com/	1970-01-21 05:35:24	Name: _lc2_fpi Value: 05e21e9a686e--01hvw62fvxsx97d5aysj92za66
.biltrewards.com/	1970-01-21 05:35:24	Name: _lc2_fpi_meta Value: {%22w%22:1713564106621}
.tapad.com/	1970-01-20 21:25:48	Name: TapAd_3WAY_SYNCS Value:
www.biltrewards.com/	1970-01-21 04:45:00	Name: sa-user-id Value: s%253A0-0d225ab0-38c3-5916-4084-f9a3624ee162.kEBNRL2TgNKTb9v7TBO8VzyKhvHmmTA9YAvlt1YtAN4
www.biltrewards.com/	1970-01-21 04:45:00	Name: sa-user-id-v2 Value: s%253ADSJasDjDWRZAhPmjYk7hYlQTr6U.zyttRg8NpCDizkD5YvdGsZCmHttaGsRpUYt2ZVwZfEs
www.biltrewards.com/	1970-01-21 04:45:00	Name: sa-user-id-v3 Value: s%253AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYEHwYBCDK04uxBjABOgS9M-cxQgRhK9tF.%252B0VUgGzVseUdHGdqcOkvtes3s%252BLp%252BlIGJyVUZLjLUFU
.biltrewards.com/	1970-01-21 05:21:00	Name: _tt_enable_cookie Value: 1
.biltrewards.com/	1970-01-21 05:21:00	Name: _ttp Value: UpIr0GQgRjltS8eysdKcjsliRiz
id.biltrewards.com/	1970-01-21 04:45:00	Name: theme Value: light
.biltrewards.com/	1970-01-21 04:45:00	Name: ajs_anonymous_id Value: 87ea317d-d511-4542-8759-7b9ac75d91fb
.liadm.com/	1970-01-21 05:35:24	Name: lidid Value: 8a2a8bdf-49cd-43fe-81e3-130ba77d6074
.clerk.decagon.ai/	1970-01-20 19:59:25	Name: __cf_bm Value: c4jM6hzlxnuzJ2epbaj3IEf7M5niWktvCSqmz6K3pk8-1713564107-1.0.1.1-353WgzP_G8bka7.vicmrrPbQxEqu7vNbjrt2u0QjMa37I4_pAJHdVSHt8QjIJkCPTQ7OHzPJH2pKoCYWUhGAVg
.clerk.decagon.ai/	1969-12-31 23:59:59	Name: _cfuvid Value: JvVHyU3qqp_hNTrD8b3Mxl0Bp8L2HPaQA2zOjILAndU-1713564107996-0.0.1.1-604800000
.biltrewards.com/	1970-01-20 22:09:00	Name: _fbp Value: fb.1.1713564108328.182321344
.doubleclick.net/	1970-01-21 05:21:00	Name: IDE Value: AHWqTUnPzmVXZfElsbkt83DxoG-OU1i65WpL4b6cvqkm6RfNucSm3NIC3Gkh5MJK

72 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.biltrewards.com/?_rsc=1wlmf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.biltrewards.com/public/user/authentication/token Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js Message: Refused to connect to 'https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_7lmxmkme_telemetry' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/_next/static/chunks/8152-741d12f273eefb58.js Message: Refused to connect to 'https://conversions-config.reddit.com/v1/pixel/error' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.biltrewards.com/terms/bilt-platform-terms-of-use?_rsc=1wlmf Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.biltrewards.com/terms?_rsc=1wlmf Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hvw62fvxsx97d5aysj92za66&aid=b-00ri&cd=.biltrewards.com&dtstmp=1713564106784&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjU1ZTg6NWMxZDpmZGY3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/353467326379958?v=2.9.154&r=stable&domain=www.biltrewards.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 87) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.tiktok.com
api.segment.io
api.userway.org
b-code.liadm.com
bilt.page
cdn.deviceinf.com
cdn.mgln.ai
cdn.plaid.com
cdn.segment.com
cdn.userway.org
cdn77.api.userway.org
connect.facebook.net
conversions-config.reddit.com
decagon.ai
eu.mgln.ai
events.framer.com
flags.biltrewards.com
framerusercontent.com
googleads.g.doubleclick.net
id.biltrewards.com
mgln.ai
o441793.ingest.sentry.io
pixel.tapad.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
scripts.neuro-id.com
static.biltrewards.com
sync-transcend-cdn.com
tags.srv.stackadapt.com
transcend-cdn.com
tvspix.com
vitals.vercel-insights.com
www.biltrewards.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www2.biltrewards.com
conversions-config.reddit.com
rp4.liadm.com
www.redditstatic.com
104.126.37.147
13.33.187.40
142.250.186.98
151.101.1.140
2001:4860:4802:34::36
2600:1f14:5db:eb22:35a7:a435:ab78:9e3e
2600:1f18:730:b130:3312:d950:1633:cbeb
2600:9000:2490:5c00:d:ada1:a280:93a1
2600:9000:275b:4200:19:2755:1280:93a1
2600:9000:275d:f400:8:8845:1500:93a1
2606:4700:20::681a:3b4
2606:4700:20::ac43:484f
2606:4700:3031::ac43:8881
2606:4700:3108::ac42:2b3c
2606:4700::6812:6f8
2a00:1450:4001:803::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2008
2a02:6ea0:c700::19
2a02:6ea0:c700::22
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::396
3.160.150.114
3.212.143.46
3.69.41.26
34.110.183.245
34.111.113.62
34.117.79.164
34.120.195.249
34.160.241.76
35.241.5.91
35.71.142.77
52.210.64.4
52.42.237.31
54.203.25.147
76.76.21.21
76.76.21.22
99.86.8.175
004308bc4223c392d8e24f8edb3c1c6ffeba09277efd50d6f549cbdbe485747a
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa
0a4cd18657931f03d74198e1caf8ea073106143a7da9c1ec09c15a030bdeed58
0ca8160a692d2ede5ba928e6b91500ca2e3b41bce9f4da9ac974b7df22f03cfb
0d77c0ca71f84e8e1b82911c1c6e7ba7b5c192b1ce10bce9a8db97e08139e688
0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e
0f4d780a7b8262e5f10f7b278e74631965503d0650bfa996c2e2259ec00c7dce
10bd3d0e3bef262fe02d35fa3c3153a291e8d8c88625ef4c23882006270f76e2
11789bdc1bbe1895cd257b24c2ddfb733dee573cc760e787be89a5c74b1e2c0f
1181bac2ba7bc517e30c32f6068a1ae9e32e2aa5621ba811b24e20c2bafb5fc1
1211f890980640f917aef6dc283fff050b3365056fac3d2c2739c573a90c3cc8
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14196431302464b67035d3be26eb7dfb3b18e4d638a369d5ed6b4d4ebb4177b7
141a32e58de1a8a4db8cd4b677a11b7407ec3f01f52cfdbae3e59349e654e3cc
1462a6870c6180f472f6a9740ab8e38dee1bc0c467871e1e32e433806320b4a2
14a0271be213a1a3d3a6067829a74f20b63c721e08ee9b6959d8e818ae19e5a0
154a430462b5d28c1c83c50d446f0dc064ea5ef28351f47378e5d3412e630030
16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d
1859485082544968afcc2f8da110229be04938e9b1a696bf2b36ed3ce772eab9
186539724274286a5c49371f8ce34a23e0aa73191a43b410e3845ef8924ec409
188768601044fa9d36f7e8318b53e650a64fb03b28c2b04eb8b99facdadce63e
19281f270f466e15bbaf85a2b145cb2dcbaff75284e9ef3fc604d35a6a633362
193f70e3ef4fb576a502cd67546306e9ec798eb04db2cbb8f42e19b719f75fe4
19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d
1a7daf9952fc246174eb475a55d48bcd8f2a1090e2df0b5b961de948a9fec151
1b1b1518ff22bf171e2896068b4f056b304ed4563a88f85159913053bb86fc86
1d6ec88f567df6145ff31cc4f634d8c576965b5572838f97f9de77af6c3d3239
1e4f82853b2bbe4130f6a37ceb51b2e3ae3b63f93020ae4c6cf29c775ae47c4b
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
2545332ad8d9a7b2d489e057bdbe2483e4a8a1ebcc9e177f2d547e09d8e7cd65
25c8b24643d1b21f3cceeeeb57b229f74c5c7480b1b8a4b96efabefd1e685396
26a53b5f76befd425bf91c46e7be00e0c0eb13108c875a614c12268c379a0717
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697
2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3421661732cef957fe1c4ceeec168e5bba75f034d4977c564443c9e85a96caff
351ec7eaa47a100223c28f83fcc130fcc711cd585cffcb2e5a13c7aa8c7797e0
36fe8d60c96300f39cef881c83445907bb7a1d0f00b71ffaf38916bc08f99585
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
3a61375e44fd14535935364ba62f844371eb9fb77ad0e4437720086719fa0da7
3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342
3cf9ea215fa4be40a28cc084a37252e1113ec1b33966cb7c1dd32a5aae6a690b
3e12cb695307b2703bce81c01aaeaf24cf0aa0602c8307458ea4f117719fb6ac
3f51786b1836607a14b5b75a50690195ae8127e9c277863b6a66f2047b12db16
3f7853bd4d6086be63374d96af8f4297718ae35b74698c30e362bf43a1d888a5
3f8103066984fbd6221e75c58ce13db7a2e5cf6da89a29032033a457141d29c0
40030bd579b6f1aa692d946780383338458df1182f80d0001bc8243b608cba8c
409c45f4c5dba51089b142af082a8c9595854b2d225b02996347b00d92d2a95d
4242cb0d811aa58c2c1346e393e3f32eabeea6a8b111505ba9d455c519af0a97
42abaeedae71c9c420fccb74b34dc055920e0bbac9110aae0dee4e8422b5719f
431575775b7531e5dbdf4db1ec30b383059b08dc91a99ae1e5e112685292c015
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ccd0c0f3d7a88ddbae1648ae059a9e2a52540e691a7af0df30e4d3b2292bbc
45c345166436583f0abd394d710d9eeaa329108cdd1a3f09556192d38227cf54
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4b0bb6d8a058a42f5caa03df8bb35b72fed5a1987f6e10602ceb384ddb10d41a
4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
4f157dd4961df97c742b64c6f733ddbf386ab079b8694af8b719ee57bab849cd
4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c
4fd7bdd78f1e54f45a4a21f57679cb6fdf3aee47a8d71dd8852a4193eb9c4b60
500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3
52303cc41d5f6008d97ac080d2cc35f0315da0775738bb39b4fc7d4eb2be0680
52ea1136d79c3a7ebe4f345fdec565e4bac855aeb6ae4dafb54b7b7f29edb881
5574e20c1060dc6456d8a12e6de4732cb5bc19586398121e08a9cabe45c0219f
55b96d22be7287ae9a59a926d4a53e36ad0b16a56d045864ef0df9e951e615dd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5733d9bc8e680afc43dd30cafe37543fd63da220a1472c63c126a43896d29247
58e902446fe39b5fa37273eae3ebc68eeeec63d2c7b3b28c9978d3ebc1f2e9d6
59ed8ba4f55ae0c8eb55341b4098df11760b49d1f6fb0aa3e036585a8af79988
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b
5bd934921e2f02028743c8b37e4108cd1870c33f3c40e27f409f952f954327fc
5cfedefb95154ab787f29ec754d293534271a0fb6cb774a8557c85e738765098
5d9df2764c7d56ded13faf14e7235e19ae3232be0f54e8ddd60ed76e6339f3af
5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485
5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312
6036b32be1c4ece847cdd81a651fea9082d4a27d05b279f1333e45087aa4f2dc
6162a259efcc903ece88a8301a46b44e3a77c220b3752c01eb02caa0af358870
64ee05b98a022eb8e7c5f531342a77e8265378f08c4665c90e0b0ca953373b10
65b1970ad0056e9f872f541b8684eaac58af3f4e6af9e8cc46dbba0547aa12f4
6663df519c7ca113900a9c0077ac550db3cf9bb431aee79a56ceac9aecbaee6b
697b090c7524ec726d5636f8c7875ddcca65a2ef8ffe91968ff95aa88dd26b87
6a3c77088d19884e2cb7401a2e9972e357ebb263d905e098014220aeed999815
6a80765e705635ab8f3f4ca137d925f2958a21147effb88c80e3b9e300ff9129
6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5
6c7105dd948f39cf942552d784adc2784ae2ab999863706fd3f79ec370906ea5
6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e
7007e6e756437d5ac0a2a1fda6bb03e50fe2f5c45c7185b4382286514ee211a2
705cb58b6d8f249a2e6561f5f26c5c8215ccbbed4f6999b58a177b51ba973e0b
76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2
770c4939f53c96cccac5b0e25ed133940e3d731cfd7c6567e3415e4fa6f66002
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
7b4a35f9df6a6ded8782ac6d349b07a73f079796613fe2224d7a88db6f4b8658
7fcb5ce28fc78270827a658038cdbd41ccfd7046c1e2a5722c745f6a41fbcb56
83af429bb32f32184dc42cdbde8dcec09e19d882b86a34c7122c8a042e8ec96c
8423187c016ed5f49cc27133ecad313a24d824b83c6e7c6293bf5880d79e9725
85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a
85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f
8998554ffd85437ff7bfae81b2e94983f09986380d574117bb234ba6240f7bee
8c1a0ce4d216e8ebccf87693a96b6cddf4f7d72cdfe4d87c1dea22e9b5591e51
8e377dd5b5baaea8f1e02ec632ee5369be88f429c5c837ecde5757c047cce34c
8e8aeadc29c7a5c988fd6d12f6e2ab09da8e7c266eb92662c88e5485f7ca6a54
8f65b44fb877472e43fea955ba239d5247e706bf698dab4082d22b3fa2f2c7cd
8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783
9164300fd0eeac414cbba5c13af67cecac3685ffc4fa1f18e582056d46490487
9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2
9363faa774f409e51c309f43b8773285a6521a9272fac11dc96ce5c8d0ed3fd8
990fba98068c77b0616f1d04a1df3ae1e0b6a0fe19809beb34864ab99044ba78
9933927f03acaa455df599b6214c211e76adcdd341c8126e3677081398db7ded
9a5fac4171ae0fa4e6253a625c99f72b75949f1ebde08b51108f26923d51be43
9dd316606967a03abedcf35c83300f9763241b13a2066f67dabff0573def70e5
9e16d83a2c1724e2cbfd819c46e35e26b7911de8678342fc0d6a00e277764306
9eb94d0e2d04f7b70c7077d41fd696e37f907326f3a8da175cd2692f58a3b0b8
9fff2bb0ae4e7b8399d2af77253fecd38540f21fbd2e5899f1459eec325a4cca
a05264144271a335fb2ba344835479c8b97cca952f010b9cb8c2d3917abfa50c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a46610abbca70881a4dca452b0a6676d43e459cde7570ab0bfacc7a85e8d92f4
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633
ab32bc58349446cd3c8761af45640b13ed01073a6553e5779a9b03852d591ca4
ab6c570f1ed2504c4a6b312d5e5cf220a726910bddf6fb18fbe94f7d6ac53d7b
ac2a630a659de9dedde2fd2602b0486e765b3e64bca661e1b2f2a6d50d1730d0
ae3cd625206f3b22398ce3e5ffcc22c2a6ff95a535e7c4addbfb7e7e2d146ace
af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec
b02546b57554da630a4827a7755b1f72d22374513f811dc0590ebe942758cbfa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b220223a8800d05dc359ab6bd8cb71e35cf06dde9bedc2f5d9014df3b1e4e1ac
b27e2ff6dcd76549f2f66acf69dbcc8a5dcc53af127a14ac4e5d33adcd18cde7
b5701c4d14b0fc7c3b9376cb94170a68ec73407bd51f1fe168430e37fec2b32e
b6da825ef8edbaa3e6977d8c7e22183bb77b1224071ccbaf82cfa1077273bcb5
b758c20d70f6b20fa85f31c23b9dea1ad5551a1cfd9ed56485c63cc592b2a15b
b7b8ac25904dcb445701b5d1efa127727723d8d9e7f440457f12ca5d3b26c9b5
b98ee44cdcc5f0b1d60fc95a11fdec4c0f555532f4c1aac32210923b9413a469
b9baff621b840f7ac684144508e361f4e9bc2a820658dda0d8a18d3641d487b9
bb86d91e3b389c31862f4b8bf4751da190f0cf386e9c1af4b193fb7f36754733
bbc02b2f82dbf5977ca0eb2a3c8333a35cab6f485de1b08e91765181ffddcfc3
bcf6db8e2b32f2b799eea191434b4090cbb642ee936fd8c169ac7979d69b7b51
bf9fd9a2c376482c39bf4154c70a8379f81794e76032adfe8cbfdaea03b68e5b
c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c
c272d5ac9e24c29938402a0e3674796326e0867dc058c051bc5bc482f720e29c
c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5b3b178dc8df3767511096744a36ee3edcee7ed62be5f8504244e6b70cf7398
ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d
cb5af3540ca60d5b611ff32706a636ed017b8b94ff154cec81b1a6144def5b7d
cc05f6874071cc404007806efb2cfedefe4b82aca5469dfaf9c5cc3720d91347
cc94fe0318ee1d66fb09b079a03c1ca64c0daf3c303fd98a32aa0ee7951b7d33
cdd0a28efd1cdc6028d4e954d1c35666a5e7c78bf5db3923d0460fe768ab30b0
cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76
d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31
d2086fef391221a13d759836370ef5bae70c15e1389eb6504dc3a31c987e0a88
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d3f5959fff3e61a5601ec4be106ee10515443a2ee8bdef22138d69836080d896
d4c0a567ed05aa374c9f25bf7e1997cf302b18502d8c075043ad9174a21837cd
d5781b6843de18ff323984b25323f02a17ccbd6d984ea170e8f0f290272031bb
d5d57d912d1e17d9db264a07b64a6a3ed4265303e1d73c542ec3cc2d1ef672c1
da3554374a37dd00f0777ad0556c3cc1cc1492dd2b18566c8a7071b3acbf12d2
da70c773cd3a8d489bad7c03fb89b63053843aa52c0545749df089a08e64f78f
db8dee9ad499fb9b623de94c004b284d5529c842c2822340d4ad2f2f8f44968c
db9c28d70f03728ad94c11d34cea446ed992aaa6167344d3eb362379f7fdaaf0
dc36791a319faca1216172316a62bec25a815789c703e22ca883a6754d60b69c
dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8
dca4c4f2336af8161192338e15741e994f1fe914e0ce3fd09fa5d55f0cbd349a
e0748f4f1e5cec9f9c80724e3fce7cb0a57c2052c0134a7bd9abea536f22b9e6
e310d272bb05b8caa31f4ec6de5437bfbd04800535c9069fa58550a911612ec8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99
e87381db0061a8a04fd758811bef1906a0f760d8de5bbde1c25f7a7bccdf7f6e
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
ea9ed2f612e41fcd700060fad5eff94165c56fb549e6334173177b4a540a5a9d
eab31c37c23a2d8019ce1e5a29c64678c6c8a559b139127982bc961ad6eff3e0
eb1ffeccaf95fde9ecf145e4ea93852a46e7d42b04d38ec858b891c5f6dfd8fd
ed3b2365a716dc5d7564db9d5628d6f303a27dcf6a259b48f287a135dbb8943b
edbc6b185fd351619dc19e76c3e3be738f06901a9a7f6256247b4cedc0d40acd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff87b0205e1ebe55ca731239b15df7b48583b9015ce78cb50a886a97e8b1be8
f006d5392d9ceb2b14d64b27507c2c5129397b4a29bfebc9e2282c9257a6bfbc
f0d8b1217e7da95602961859ca7614fd26171c95471950c6078db7524fddeceb
f451ccd1b82076cdf339b4c512eb3363a898c580776fe8e2a4242ffea352b4a1
f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524
f7884484aa93bc6ff6720b937a8a7ce4450566d1142938629258bc4027a9c685
f87a3392313500de980b01445d72f2f7e95bc0d26d5f938bb2f1a7ab569caf98
fa10a41a8fd89e1784da2ae09f9d4f1cee48e98161e3ab35ec20cd9e2d9fba47
fa7e514331c85e2bff2ab629fc901146eaec70a8fbfd84ee6dc9242dbb9d0030
ff54e9b2209db7e90df95ee8523a1176d4c14d06b413cc817dfbbda6d64a03e1
ff65c7581b6b14184d2d6ab9ebe9416b06fcbb86c3a7a32ca30b3bc7871256a4

www.biltrewards.com Open in urlscan Pro 76.76.21.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

282 Requests

96 %HTTPS

51 %IPv6

32 Domains

43 Subdomains

39 IPs

3 Countries

5126 kBTransfer

19147 kBSize

31 Cookies

11 Outgoing links

Page URL History

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.biltrewards.com Open in urlscan Pro
76.76.21.22 Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

96 %
HTTPS

51 %
IPv6

32
Domains

43
Subdomains

39
IPs

3
Countries

5126 kB
Transfer

19147 kB
Size

31
Cookies

282 HTTP transactions
16 data transactions