www.biltrewards.com Open in urlscan Pro
76.76.21.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bilt.page/
Effective URL:
https://www.biltrewards.com/
Submission: On May 21 via api (May 21st 2024, 8:02:43 pm UTC) from US — Scanned from DE

Summary HTTP 313 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 32 domains to perform 313 HTTP transactions. The main IP is 76.76.21.142, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.biltrewards.com. The Cisco Umbrella rank of the primary domain is 124603.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.

This is the only time www.biltrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.117.79.164 34.117.79.164	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
46	76.76.21.142 76.76.21.142	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3035::6815:1a90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.187.92 13.33.187.92	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
9	2606:4700:310... 2606:4700:3108::ac42:28c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 21	34.110.183.245 34.110.183.245	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 6	2606:4700:20:... 2606:4700:20::681a:3b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	52.39.83.198 52.39.83.198	16509 (AMAZON-02) (AMAZON-02)
2	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
1	52.223.52.2 52.223.52.2	16509 (AMAZON-02) (AMAZON-02)
2	34.160.241.76 34.160.241.76	15169 (GOOGLE) (GOOGLE)
5	35.241.5.91 35.241.5.91	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 _) (CDN77 _)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	18.203.30.8 18.203.30.8	16509 (AMAZON-02) (AMAZON-02)
137	2600:9000:21c... 2600:9000:21c7:9a00:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	13.32.110.73 13.32.110.73	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
5	23.198.214.69 23.198.214.69	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	35.157.234.167 35.157.234.167	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:209... 2600:9000:2090:e800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:484f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
5	2600:1f14:5db... 2600:1f14:5db:eb00:491e:9f27:4143:4c40	16509 (AMAZON-02) (AMAZON-02)
2	35.155.246.37 35.155.246.37	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:275... 2600:9000:275b:ee00:19:2755:1280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:6f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2600:1f18:730... 2600:1f18:730:b140:bf62:c882:cbf7:ea10	14618 (AMAZON-AES) (AMAZON-AES)
2	3.87.104.207 3.87.104.207	14618 (AMAZON-AES) (AMAZON-AES)
4	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 _) (CDN77 _)
313	39

1 34.117.79.164 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 164.79.117.34.bc.googleusercontent.com

bilt.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 76.76.21.142 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:1a90 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.deviceinf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-92.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3108::ac42:28c4 (United States)

ASN13335 (CLOUDFLARENET, US)

transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.110.183.245 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.183.110.34.bc.googleusercontent.com

id.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o441793.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:3b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu.mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.83.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-83-198.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

decagon.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.52.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com

www2.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.241.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.241.160.34.bc.googleusercontent.com

flags.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.241.5.91 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.5.241.35.bc.googleusercontent.com

static.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.30.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-30-8.eu-west-1.compute.amazonaws.com

vitals.vercel-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

137 2600:9000:21c7:9a00:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.110.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-73.vie50.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.198.214.69 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-198-214-69.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.234.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-234-167.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:e800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:484f (United States)

ASN13335 (CLOUDFLARENET, US)

mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f14:5db:eb00:491e:9f27:4143:4c40 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.155.246.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-246-37.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275b:ee00:19:2755:1280:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.neuro-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:6f8 (United States)

ASN13335 (CLOUDFLARENET, US)

sync-transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:730:b140:bf62:c882:cbf7:ea10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.87.104.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-87-104-207.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
137	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 48904	2 MB
75	biltrewards.com 1 redirects www.biltrewards.com — Cisco Umbrella Rank: 124603 id.biltrewards.com — Cisco Umbrella Rank: 160987 www2.biltrewards.com — Cisco Umbrella Rank: 618697 flags.biltrewards.com — Cisco Umbrella Rank: 166094 static.biltrewards.com — Cisco Umbrella Rank: 187738	2 MB
22	userway.org cdn.userway.org — Cisco Umbrella Rank: 3155 api.userway.org — Cisco Umbrella Rank: 3077 cdn77.api.userway.org — Cisco Umbrella Rank: 6160	225 KB
9	transcend-cdn.com transcend-cdn.com — Cisco Umbrella Rank: 14041	145 KB
8	mgln.ai 1 redirects cdn.mgln.ai — Cisco Umbrella Rank: 40655 mgln.ai — Cisco Umbrella Rank: 19858 eu.mgln.ai — Cisco Umbrella Rank: 69158	5 KB
5	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3700 rp4.liadm.com — Cisco Umbrella Rank: 6119 Failed rp.liadm.com — Cisco Umbrella Rank: 1319	38 KB
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2777	9 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	143 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 1845	31 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	386 KB
3	framer.com events.framer.com — Cisco Umbrella Rank: 57202	6 KB
2	sync-transcend-cdn.com sync-transcend-cdn.com — Cisco Umbrella Rank: 32177
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	400 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	85 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	19 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	neuro-id.com scripts.neuro-id.com — Cisco Umbrella Rank: 118169	48 KB
2	segment.io api.segment.io — Cisco Umbrella Rank: 1425	353 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 493	1 KB
2	vercel-insights.com vitals.vercel-insights.com — Cisco Umbrella Rank: 13185	331 B
2	gstatic.com www.gstatic.com	207 KB
2	decagon.ai decagon.ai — Cisco Umbrella Rank: 46101	1 KB
2	sentry.io o441793.ingest.sentry.io — Cisco Umbrella Rank: 165127	373 B
2	deviceinf.com cdn.deviceinf.com — Cisco Umbrella Rank: 232915	99 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7810	64 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1376 conversions-config.reddit.com Failed	637 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	257 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1160	12 KB
1	tvspix.com tvspix.com — Cisco Umbrella Rank: 14862	194 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14323	43 KB
1	bilt.page 1 redirects bilt.page	141 B
313	32

	Domain	Requested by
137	framerusercontent.com	www2.biltrewards.com www.biltrewards.com
46	www.biltrewards.com	www.biltrewards.com
21	id.biltrewards.com	1 redirects www.biltrewards.com www2.biltrewards.com id.biltrewards.com
13	cdn.userway.org	www.biltrewards.com cdn.userway.org www2.biltrewards.com
9	transcend-cdn.com	www.biltrewards.com transcend-cdn.com id.biltrewards.com
6	mgln.ai	1 redirects www.biltrewards.com
5	api.userway.org	www.biltrewards.com cdn.userway.org
5	tags.srv.stackadapt.com	www.biltrewards.com tags.srv.stackadapt.com
5	analytics.tiktok.com	www.biltrewards.com analytics.tiktok.com
5	static.biltrewards.com	www.biltrewards.com id.biltrewards.com
5	cdn.segment.com	www.biltrewards.com
5	www.google.com	1 redirects www.biltrewards.com id.biltrewards.com www.gstatic.com
4	cdn77.api.userway.org	www.biltrewards.com
4	www.googletagmanager.com	www.biltrewards.com www.googletagmanager.com cdn.segment.com
3	events.framer.com	www2.biltrewards.com
2	rp.liadm.com	2 redirects
2	sync-transcend-cdn.com	transcend-cdn.com
2	www.facebook.com	www.biltrewards.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	scripts.neuro-id.com	www.biltrewards.com scripts.neuro-id.com
2	api.segment.io	www.biltrewards.com
2	rp4.liadm.com	www.biltrewards.com
2	pixel.tapad.com	2 redirects
2	vitals.vercel-insights.com	www.biltrewards.com
2	www.gstatic.com	www.google.com
2	flags.biltrewards.com	www.biltrewards.com
2	decagon.ai	www.biltrewards.com decagon.ai
2	o441793.ingest.sentry.io	www.biltrewards.com id.biltrewards.com
2	cdn.deviceinf.com	www.biltrewards.com id.biltrewards.com
1	www.google.de	www.biltrewards.com
1	alb.reddit.com	www.biltrewards.com
1	region1.google-analytics.com	www.googletagmanager.com
1	eu.mgln.ai	www.biltrewards.com
1	b-code.liadm.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com www.biltrewards.com
1	www2.biltrewards.com	www.biltrewards.com
1	tvspix.com	www.biltrewards.com
1	cdn.mgln.ai	www.biltrewards.com
1	cdn.plaid.com	www.biltrewards.com
1	bilt.page	1 redirects
0	conversions-config.reddit.com Failed	www.biltrewards.com
313	43

This site contains links to these domains. Also see Links.

Domain
instagram.com
twitter.com
facebook.com
youtube.com
www.linkedin.com
legal.biltrewards.com
biltrewards.zendesk.com
bilt.page.link
biltrewards.com
www.biltalliance.com
newsroom.biltrewards.com
allyant.com

Subject Issuer	Validity	Valid
www.biltrewards.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
deviceinf.com Cloudflare Inc ECC CA-3	`2024-01-08` - `2024-12-31`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
transcend-cdn.com GTS CA 1P5	`2024-05-18` - `2024-08-16`	3 months	crt.sh
id.biltrewards.com GTS CA 1D4	`2024-05-04` - `2024-08-02`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
mgln.ai E1	`2024-04-07` - `2024-07-06`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
tvspix.com Amazon RSA 2048 M03	`2024-03-25` - `2025-04-24`	a year	crt.sh
decagon.ai R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
www2.biltrewards.com R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
flags.biltrewards.com GTS CA 1D4	`2024-04-18` - `2024-07-17`	3 months	crt.sh
static.biltrewards.com GTS CA 1D4	`2024-05-12` - `2024-08-10`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
vercel-insights.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-19`	a year	crt.sh
framerusercontent.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-14`	a year	crt.sh
events.framer.com Amazon RSA 2048 M03	`2024-04-09` - `2025-05-07`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.neuro-id.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-29` - `2024-05-29`	3 months	crt.sh
*.googleadservices.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sync-transcend-cdn.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
1784939676.rsc.cdn77.org R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.biltrewards.com/
Frame ID: 0982D2ABB29071EE668462D217511BEF
Requests: 130 HTTP requests in this frame

Frame: https://www2.biltrewards.com/
Frame ID: A961B2FE67C73E0AAE5388A1546F7744
Requests: 161 HTTP requests in this frame

Frame: https://id.biltrewards.com/login/iframe/userdata/
Frame ID: C7B5DA0E1D4296C21453E80D2111B08E
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly93d3cuYmlsdHJld2FyZHMuY29tOjQ0Mw..&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=1at39x2e5kwd
Frame ID: 81450106C929953BA56ECF8DC689BA73
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly9pZC5iaWx0cmV3YXJkcy5jb206NDQz&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=arq2pqekjgne
Frame ID: E9D2E04CC128EAD52868FAE0764E9ABC
Requests: 1 HTTP requests in this frame

Frame: https://decagon.ai/demo/bilt?defaultVisibility=hidden
Frame ID: AF3BD397531E2BC3A75025E35AC6BF75
Requests: 1 HTTP requests in this frame

Frame: https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
Frame ID: 52F756C41E0B9C90282AE32FA2D2E0EA
Requests: 1 HTTP requests in this frame

Frame: https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
Frame ID: E0BDA3A487CAB77DA9701006EDC1CDF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bilt Rewards

Page URL History Show full URLs

http://bilt.page/ HTTP 307
https://bilt.page/ HTTP 301
https://www.biltrewards.com/ Page URL

Detected technologies

DatoCMS (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+https://www\.datocms-assets\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha

Page Statistics

313
Requests

97 %
HTTPS

51 %
IPv6

32
Domains

43
Subdomains

39
IPs

3
Countries

5210 kB
Transfer

20268 kB
Size

32
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/BiltRewards

Search URL Search Domain Scan URL

URL: https://twitter.com/BiltRewards

Search URL Search Domain Scan URL

URL: https://facebook.com/biltrewards

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCCJoaLWfOJeBx6fD8K58nuQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/biltrewards

Search URL Search Domain Scan URL

URL: https://legal.biltrewards.com/policies
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://biltrewards.zendesk.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://bilt.page.link/app
Title: App

Search URL Search Domain Scan URL

URL: https://biltrewards.com/p/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.biltalliance.com/
Title: Bilt for Real Estate Partners

Search URL Search Domain Scan URL

URL: https://newsroom.biltrewards.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://allyant.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bilt.page/ HTTP 307
https://bilt.page/ HTTP 301
https://www.biltrewards.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://id.biltrewards.com/login/iframe/userdata HTTP 308
https://id.biltrewards.com/login/iframe/userdata/

Request Chain 139

https://mgln.ai/pixel/sync.gif HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3365&partner_device_id=fd19026b-af77-4284-bd02-da289481e9ad&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3365&partner_device_id=fd19026b-af77-4284-bd02-da289481e9ad&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://eu.mgln.ai/pixel?tapad_id=3af2a101-753b-48ea-be89-6ce6fd205c9a

Request Chain 221

https://rp.liadm.com/j?dtstmp=1716321738475&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 253

https://rp.liadm.com/j?dtstmp=1716321738475&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 268

https://rp.liadm.com/j?dtstmp=1716321738475&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 270

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10874839969/?random=94744840&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAg&pscrd=IhMItOjJ3MSfhgMVtFlBAh0DOQnwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/10874839969/?random=94744840&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAg&pscrd=IhMItOjJ3MSfhgMVtFlBAh0DOQnwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLmEkI4VLWZVc_cBVOy7p1O2fbSj5qmg&random=3123225594&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/10874839969/?random=94744840&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAg&pscrd=IhMItOjJ3MSfhgMVtFlBAh0DOQnwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLmEkI4VLWZVc_cBVOy7p1O2fbSj5qmg&random=3123225594&resp=GooglemKTybQhCsO&ipr=y

Request Chain 277

https://rp.liadm.com/j?dtstmp=1716321738475&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 307

https://rp.liadm.com/p?dtstmp=1716321739247&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 302
https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321739247&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 308

https://rp.liadm.com/p?dtstmp=1716321739247&aid=b-00ri&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTYzMjE3Mzg0NzUmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHllYnlxLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzE2MzIxNzM4NDc1JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 302
https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTYzMjE3Mzg0NzUmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHllYnlxLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzE2MzIxNzM4NDc1JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321739247&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

313 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.biltrewards.com/
Redirect Chain

http://bilt.page/
https://bilt.page/
https://www.biltrewards.com/

92 KB
13 KB

370ms
296ms

Document
text/html

76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

347d65af0845c599dea63f5680c66797775d770dbf0733630c34a37fb1c08319

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 20:02:16 GMT
referrer-policy: origin
server: Vercel
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-content-type-options: nosniff
x-matched-path: /p/homepage
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: cle1
x-vercel-id: fra1::cle1::krg9v-1716321736557-0d7006a2f8cb
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 21 May 2024 20:02:16 GMT
location: https://www.biltrewards.com:443/

GET
H2 200 webpack-8714ed4b17298ec9.js Show response
www.biltrewards.com/_next/static/chunks/ 5 KB
5 KB 68ms
63ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/webpack-8714ed4b17298ec9.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

07a1fad3689e8ffddb90e3ff01080c3579d6dbcf239166ea370c4a7582302e8c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="webpack-8714ed4b17298ec9.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zmf8p-1716321736862-d6bc71e1f6d6
x-matched-path: /_next/static/chunks/webpack-8714ed4b17298ec9.js
etag: W/"049e0aa0ac5c8e02b4a6deb6b8601f06"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 0a08d48a-2ea4280064791d1b.js Show response
www.biltrewards.com/_next/static/chunks/ 168 KB
57 KB 45ms
40ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f20718ca51aea7b5bd511449b7a3ffc49978f7f57999dd7c6a0408e807f00d01

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="0a08d48a-2ea4280064791d1b.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::tf4w9-1716321736862-533fdaf8ccb8
x-matched-path: /_next/static/chunks/0a08d48a-2ea4280064791d1b.js
etag: W/"85b86442bce54e0325c3860f9ae03d04"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 4058-2f666a5796eacaaf.js Show response
www.biltrewards.com/_next/static/chunks/ 136 KB
42 KB 49ms
43ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

48f05f5cda5a40c726077f971c6381185ad2490b89cf1aa204049fb47427145b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="4058-2f666a5796eacaaf.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::tf4w9-1716321736883-49efdb485a09
x-matched-path: /_next/static/chunks/4058-2f666a5796eacaaf.js
etag: W/"a3501fb5da686d5e8e5098ef7a721f61"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 main-app-38bb3ff600f52554.js Show response
www.biltrewards.com/_next/static/chunks/ 4 KB
5 KB 51ms
45ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/main-app-38bb3ff600f52554.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5bd9875da9ad66936a2bec098573f0e79ec0dce734c5c9fd34ce0fbba3f7b6d5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="main-app-38bb3ff600f52554.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::dmjfq-1716321736883-9c0b68816e93
x-matched-path: /_next/static/chunks/main-app-38bb3ff600f52554.js
etag: W/"50d021439d2c5f0b284915f3bc851eff"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 2708-e727d10e5aa82995.js Show response
www.biltrewards.com/_next/static/chunks/ 40 KB
16 KB 100ms
94ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/2708-e727d10e5aa82995.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

08a3938cb627d9c510cb612fa8183cc339b4efc1f11d141c86561d481d16bbed

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="2708-e727d10e5aa82995.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::6lcql-1716321736883-cf5e8fbb8736
x-matched-path: /_next/static/chunks/2708-e727d10e5aa82995.js
etag: W/"ea813893e68373e0ad22bb12ac6f9623"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 global-error.page-93d534f079f010cd.js Show response
www.biltrewards.com/_next/static/chunks/app/ 6 KB
5 KB 107ms
101ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/app/global-error.page-93d534f079f010cd.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1ecd5d344ae4c926245b979627331aadcd187f99ad0f520bf3b5046d13194400

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="global-error.page-93d534f079f010cd.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zwzbz-1716321736886-f9aabe551bd1
x-matched-path: /_next/static/chunks/app/global-error.page-93d534f079f010cd.js
etag: W/"ddd6ade3bfbbf1d87057d60d7d3c39fd"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 a1377a71-a61eaf683f67cca3.js Show response
www.biltrewards.com/_next/static/chunks/ 120 KB
41 KB 91ms
85ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/a1377a71-a61eaf683f67cca3.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

14ce4e2c8340c041c53de976a7b371785493e98fa84f57957f9a92e7a8046e67

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="a1377a71-a61eaf683f67cca3.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zhlgk-1716321736883-515f36789189
x-matched-path: /_next/static/chunks/a1377a71-a61eaf683f67cca3.js
etag: W/"276a4e4db7ff1fb0f1993b7c9c0e56ac"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6851-acc179540c885662.js Show response
www.biltrewards.com/_next/static/chunks/ 37 KB
17 KB 69ms
63ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6851-acc179540c885662.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dee84f70b223c706aee2e8509f8a16a3c99d5a3dcd1fa440d0417db8d6ee1792

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="6851-acc179540c885662.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::8dz6v-1716321736883-c6cf420be47e
x-matched-path: /_next/static/chunks/6851-acc179540c885662.js
etag: W/"68066f16d7c922eb69f3540940f9175a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7883-869763b70811cfae.js Show response
www.biltrewards.com/_next/static/chunks/ 15 KB
8 KB 101ms
96ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7883-869763b70811cfae.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5b4fdc71b907c8b40b093cffa977415257b82282d0fb32448e1306f030d64345

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="7883-869763b70811cfae.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::dtmn5-1716321736883-ca221ca18fd8
x-matched-path: /_next/static/chunks/7883-869763b70811cfae.js
etag: W/"29fefa3f14456612136fef0048904c51"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 5205-484b81c9a8b04189.js Show response
www.biltrewards.com/_next/static/chunks/ 8 KB
6 KB 91ms
86ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/5205-484b81c9a8b04189.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0a1997286898b43d87fe93530af27762ec3aecd1e4165a63f6cfc65cabbac48f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="5205-484b81c9a8b04189.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::w7s9v-1716321736885-f67fef1e9ee6
x-matched-path: /_next/static/chunks/5205-484b81c9a8b04189.js
etag: W/"b2d3ee3e98db445718c86495167840c2"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7318-6b2365c85f0b5723.js Show response
www.biltrewards.com/_next/static/chunks/ 27 KB
11 KB 93ms
87ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7318-6b2365c85f0b5723.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8422db24abe569163240a916eec839ae5101a26b8da874892fcf8c63b8d2a847

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="7318-6b2365c85f0b5723.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::bwvg8-1716321736886-3992d2349326
x-matched-path: /_next/static/chunks/7318-6b2365c85f0b5723.js
etag: W/"602f3fa2e5554a9cb81e074d1b56f29d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6479-6f1e87ee80043c6e.js Show response
www.biltrewards.com/_next/static/chunks/ 86 KB
33 KB 73ms
68ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6479-6f1e87ee80043c6e.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

cd47392e7c18f91513bb643bc7e815e234454f858240245b5172541cecb913e7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="6479-6f1e87ee80043c6e.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::q4lpt-1716321736885-6cfc56880a55
x-matched-path: /_next/static/chunks/6479-6f1e87ee80043c6e.js
etag: W/"92c97a9aac015a11864de5014b5ec002"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 1325-7349c3bf44a94342.js Show response
www.biltrewards.com/_next/static/chunks/ 13 KB
7 KB 72ms
67ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/1325-7349c3bf44a94342.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5b532e53a76170e8abd917548fc51d1d34916dfb4b36511b33aeb15d635a6cef

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="1325-7349c3bf44a94342.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::rls9r-1716321736885-f46a00997be5
x-matched-path: /_next/static/chunks/1325-7349c3bf44a94342.js
etag: W/"4c3e2e351ef9f924a35cc1bd26ea5272"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 8609-c38f194d114c796b.js Show response
www.biltrewards.com/_next/static/chunks/ 268 KB
88 KB 76ms
71ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dd01382dbc936e089c3f9a5c22a9f0a06c90dc722330c8b5e92a68fb9ad229ff

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="8609-c38f194d114c796b.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::b89sj-1716321736885-77644f711656
x-matched-path: /_next/static/chunks/8609-c38f194d114c796b.js
etag: W/"0b5e10cd8c1463cb1d38024f2187ae2c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 5594-9d63d6e605a74b4d.js Show response
www.biltrewards.com/_next/static/chunks/ 92 KB
31 KB 70ms
65ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/5594-9d63d6e605a74b4d.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a8d40be55ed211fc9b3ebbda1ba39c148b61d48b780da684f41cdcc74ca05477

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="5594-9d63d6e605a74b4d.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::xjlw2-1716321736885-1102cc219db1
x-matched-path: /_next/static/chunks/5594-9d63d6e605a74b4d.js
etag: W/"8c12ebb8413c060167621774cbf34516"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6454-fff94aa9826d57c4.js Show response
www.biltrewards.com/_next/static/chunks/ 8 KB
5 KB 103ms
98ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6454-fff94aa9826d57c4.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

924a4b7cab4405894581d0207eaf020e73124a60d105d56d1a283daa4205f1dc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="6454-fff94aa9826d57c4.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::25mp6-1716321736885-104b6f71dec5
x-matched-path: /_next/static/chunks/6454-fff94aa9826d57c4.js
etag: W/"4e037b7bbdf6af0538f2e198927ce2b8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 1041-ea41706ffeaa0168.js Show response
www.biltrewards.com/_next/static/chunks/ 133 KB
48 KB 107ms
103ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/1041-ea41706ffeaa0168.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f03d0fbdbdf2e128b8c2863a59b42688afbaea2bdc8e366d7257a7fd6b31d631

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="1041-ea41706ffeaa0168.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::vn2rt-1716321736885-bc960b549a8b
x-matched-path: /_next/static/chunks/1041-ea41706ffeaa0168.js
etag: W/"4fd5b92cd99de14b122f60df4bd4b744"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 5935-2bec4673ee277813.js Show response
www.biltrewards.com/_next/static/chunks/ 5 KB
5 KB 76ms
72ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/5935-2bec4673ee277813.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4f0723c4f61bf24d6caa0f3c88c0ff696d701fdcc002882e75d3849b147c36eb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="5935-2bec4673ee277813.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::8jbwb-1716321736885-12a06b4ba0e0
x-matched-path: /_next/static/chunks/5935-2bec4673ee277813.js
etag: W/"3d2f780e38c5982f02299428ebf9f3d2"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 1199-d8354150ba2301a7.js Show response
www.biltrewards.com/_next/static/chunks/ 44 KB
19 KB 68ms
64ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/1199-d8354150ba2301a7.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7746ece790029046b24f2a25796fcaa152efe875c7a8641358088ba857e53157

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="1199-d8354150ba2301a7.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::92k9t-1716321736885-df51e4a6754c
x-matched-path: /_next/static/chunks/1199-d8354150ba2301a7.js
etag: W/"6e47846cd7dc32ecdb9fd9cee0a25dec"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7423-6f5efa75c7a47948.js Show response
www.biltrewards.com/_next/static/chunks/ 17 KB
9 KB 90ms
87ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7423-6f5efa75c7a47948.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dc2039eaa8cdec894f2d425e26ac4233e0bc86f4591185097efb4b79a659f083

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="7423-6f5efa75c7a47948.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::57k5c-1716321736886-a4137321db46
x-matched-path: /_next/static/chunks/7423-6f5efa75c7a47948.js
etag: W/"648baa226f034526c6004bb818fa0c75"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 8834-e17095f6bea686d4.js Show response
www.biltrewards.com/_next/static/chunks/ 18 KB
9 KB 72ms
69ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/8834-e17095f6bea686d4.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8b7931364d5910c545b4b665ecf4a4399ca1aaf0591f18b6030d083da15f1aef

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="8834-e17095f6bea686d4.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::np589-1716321736885-89b442b20136
x-matched-path: /_next/static/chunks/8834-e17095f6bea686d4.js
etag: W/"d47c846ebc7169a4ea0608b1b80d377f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 8663-089373e8d4fb293d.js Show response
www.biltrewards.com/_next/static/chunks/ 8 KB
6 KB 67ms
63ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/8663-089373e8d4fb293d.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

01f0e7ce17811d478287a5fd73ca4f82c24c94410b1b5df90537d395ff4cf41b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="8663-089373e8d4fb293d.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::hgr98-1716321736885-c0018d7ff819
x-matched-path: /_next/static/chunks/8663-089373e8d4fb293d.js
etag: W/"ea977c6d269180c7020c12d6acded3c3"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6333-6c61da876dd38422.js Show response
www.biltrewards.com/_next/static/chunks/ 10 KB
6 KB 73ms
70ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6333-6c61da876dd38422.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

60105af233511f41879808ac3f5450f22a255086344cd02aa483f0077eb92e63

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="6333-6c61da876dd38422.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::bnsc2-1716321736885-f665c75c0adc
x-matched-path: /_next/static/chunks/6333-6c61da876dd38422.js
etag: W/"4a2bc05d502f324bf9ed6357460889a6"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 4193-1beee40378b6486e.js Show response
www.biltrewards.com/_next/static/chunks/ 253 KB
84 KB 71ms
68ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/4193-1beee40378b6486e.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3b537133714165e6b109ed33bcf437a891c02cc3b0c62a56a5a3e4e7d14f81ac

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="4193-1beee40378b6486e.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::bzms6-1716321736885-be148f75dd1b
x-matched-path: /_next/static/chunks/4193-1beee40378b6486e.js
etag: W/"54de3f47eb51b7fe0e97f7581ebf55f3"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6732-60e5de531e0dff85.js Show response
www.biltrewards.com/_next/static/chunks/ 356 KB
88 KB 88ms
86ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6732-60e5de531e0dff85.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d7cfeb1fa51c53311474aa19d8120f0d963555765dce3958cfc3b4ec3863414d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="6732-60e5de531e0dff85.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::2r2k6-1716321736885-65ad0a54550b
x-matched-path: /_next/static/chunks/6732-60e5de531e0dff85.js
etag: W/"b9de067b1f9954ed43a3f7df5e17d1dd"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7008-5a200fd92aa061b0.js Show response
www.biltrewards.com/_next/static/chunks/ 76 KB
27 KB 103ms
100ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7008-5a200fd92aa061b0.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a6719d408c68a76e7ecc129a8ca95660269e04939e056d23abbddded90bf8e3a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="7008-5a200fd92aa061b0.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::dclll-1716321736885-f3cdfde2e513
x-matched-path: /_next/static/chunks/7008-5a200fd92aa061b0.js
etag: W/"17d88fa459cf631372b9bec563d832d1"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 1768-4a266cf611d4d25e.js Show response
www.biltrewards.com/_next/static/chunks/ 10 KB
6 KB 95ms
93ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/1768-4a266cf611d4d25e.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5cc361182ae73a5bfc6c5aceb81f1f7980b4f21131755526d4ba24cf9d468d63

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="1768-4a266cf611d4d25e.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::87b7h-1716321736885-68c6ab3a7fe5
x-matched-path: /_next/static/chunks/1768-4a266cf611d4d25e.js
etag: W/"7bed285209ad0b4545f773922ddde438"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 layout.page-910a73706950dd41.js Show response
www.biltrewards.com/_next/static/chunks/app/(root)/ 90 KB
29 KB 93ms
91ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/app/(root)/layout.page-910a73706950dd41.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f0426d6e42814a54789172a2bc0b9cc8125833158d0a036078c347a3ad5ff3c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="layout.page-910a73706950dd41.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zmf8p-1716321736885-477f1e9f544c
x-matched-path: /_next/static/chunks/app/(root)/layout.page-910a73706950dd41.js
etag: W/"5f402fdc8a32f6a7c6e473667fa263f6"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 ada-compliance.js Show response
www.biltrewards.com/assets/vendor/ 2 KB
3 KB 42ms
39ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/assets/vendor/ada-compliance.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7705cfa1c0bc05d67afd1b2d5abf64186b6139905917b0b5864fc247312383fa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="ada-compliance.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::dmjfq-1716321736864-a803f4b65881
x-matched-path: /assets/vendor/ada-compliance.js
etag: W/"d2b0d05ef1d0990b8dd364cf4b0461b6"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H3 200 agent.js Show response
cdn.deviceinf.com/js/v4/ 310 KB
99 KB 97ms
45ms Script
application/javascript 2606:4700:3035::6815:1a90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.deviceinf.com/js/v4/agent.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:16 GMT
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P4
age: 3061
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
server: cloudflare
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRXwnXwakAyMODStn63iAF8e8fkUgR6FUw25a4iBCkOi165ACeY8D6gjl04qMWYIoFF2W5U2XjnqZU4p%2F2wEFUKcEBiS%2ByyrNdH3LClxNFW8bKXi3Yj7A6TE71sd09oiT1ttWTkiJ17R8SW8D4U0Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 887729c7be0a3a3d-FRA
x-amz-cf-id: OQoGQPXItVc8SGmHo9GeF763193IOTpcjlTlxekQ7kvToPdXs2-DUg==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 156 KB
43 KB 116ms
48ms Script
text/javascript 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abdf037aa453598950fd6c0270bbe1336c52cf932b3282c6f7a28ed8b5119167

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 18:30:26 GMT
x-amz-version-id: cbX3PTvpKjEnzFBMDLvBphknjaVF9ylT
content-encoding: br
via: 1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
x-amz-request-id: V27GBWXYYDAEHGMA
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
age: 5511
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: aUjGCuvG2pu5MzuuZjdWm4LxjvKZj9vji2xttDUYxmu4vHEYbnho+vcLe/d/uX212FJYX+dBeio=
last-modified: Tue, 21 May 2024 18:13:10 GMT
server: AmazonS3
etag: W/"e6124163205b780ce0bea6472fda6aa1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: 76EoOjwOKs0pDENDjnnh-1xq-Ccpjy9yFY-C3Nv6oZWUvcSuMt4XCQ==

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1014 B 79ms
32ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

709706dfb7e22c6e5ca984f873db12456005a948623716f0d122e4fff48e2be0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 21 May 2024 20:02:16 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 105 KB
43 KB 104ms
60ms Script
text/javascript 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193f70e3ef4fb576a502cd67546306e9ec798eb04db2cbb8f42e19b719f75fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81390
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"f40739130aa0cc889c7fc63c2ffe78ae"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729c7a9893a86-FRA
expires: Tue, 21 May 2024 20:03:16 GMT

GET
H2 200 fs.js Show response
id.biltrewards.com/fsedge/s/ 273 KB
74 KB 126ms
42ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/fsedge/s/fs.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:04:59 GMT
content-encoding: br
via: 1.1 google
age: 3438
x-guploader-uploadid: ABPtcPom4IxkzNDoO1Bqrqm7FRdw4QbIenmp07XCxfQmKtcOzyV-FQiO6dxlYCfJ2Pn9mtOIi9VTD9zbjw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75399
last-modified: Thu, 16 May 2024 15:58:30 GMT
server: UploadServer
etag: "9518bfdd8ce5a4d07426912e49eab44e"
vary: Accept-Encoding
x-goog-generation: 1715875109988133
x-goog-hash: crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75399
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 21 May 2024 20:04:59 GMT

GET
H2 200 5574.fb690dce07aa7a80.js Show response
www.biltrewards.com/_next/static/chunks/ 3 KB
4 KB 68ms
68ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/5574.fb690dce07aa7a80.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-8714ed4b17298ec9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a0184ec3f0f6a21d28cb900fbfc2862474a271ce5b5d1e1b0fb8c278248b3637

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 776
content-disposition: inline; filename="5574.fb690dce07aa7a80.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::xmj28-1716321736947-57b4e2c2cf48
x-matched-path: /_next/static/chunks/5574.fb690dce07aa7a80.js
etag: W/"34dc440ed2d781542de01278b46702e4"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 9ffa21ba-993efbed269ed6c8.js Show response
www.biltrewards.com/_next/static/chunks/ 68 KB
28 KB 39ms
34ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/9ffa21ba-993efbed269ed6c8.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-8714ed4b17298ec9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4d30600a865d49c31ee9a2f18bbd955840b72f3d5eee2d3394fda371e9ee270e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1122
content-disposition: inline; filename="9ffa21ba-993efbed269ed6c8.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::dclll-1716321736959-130166e5adb8
x-matched-path: /_next/static/chunks/9ffa21ba-993efbed269ed6c8.js
etag: W/"36b13590fca40418ab5cd26689c9b879"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 page.page-01aac7e465931c58.js Show response
www.biltrewards.com/_next/static/chunks/app/(root)/p/homepage/ 4 KB
5 KB 38ms
33ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/app/(root)/p/homepage/page.page-01aac7e465931c58.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-8714ed4b17298ec9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fbea2ed7b96532635f4d8f3667f0237e3fe72dabbdbb2f191b8e828e29945e6b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:16 GMT
strict-transport-security: max-age=63072000
age: 1122
content-disposition: inline; filename="page.page-01aac7e465931c58.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::vn2rt-1716321736959-b5b4aeeba6d3
x-matched-path: /_next/static/chunks/app/(root)/p/homepage/page.page-01aac7e465931c58.js
etag: W/"c5bb9a770c8d374989362209837a1931"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

POST
H2 200 / Show response
o441793.ingest.sentry.io/api/5823479/envelope/ 2 B
308 B 111ms
28ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o441793.ingest.sentry.io/api/5823479/envelope/?sentry_key=50f039ff934e419597bde8e7652fc3d8&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.112.2

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 290 KB
99 KB 109ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/app/(root)/layout.page-910a73706950dd41.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b433def12ac46677cffd4e29fc9111ba8fcbab5ccc494b20d70451b0a6bca436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100450
x-xss-protection: 0
last-modified: Tue, 21 May 2024 18:46:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 May 2024 20:02:17 GMT

GET
H2 200 pixel.min.js Show response
cdn.mgln.ai/ 4 KB
2 KB 100ms
33ms Script
application/javascript 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mgln.ai/pixel.min.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/app/(root)/layout.page-910a73706950dd41.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ccd0c0f3d7a88ddbae1648ae059a9e2a52540e691a7af0df30e4d3b2292bbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
x-amz-version-id: Qluw.Dmpsqk5N8uDOhUTz5or_W6D3CxC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D370CNR4AA5H5S33
age: 2890
x-amz-server-side-encryption: AES256
x-amz-id-2: ezHjDag2j9y7A7LCS7BLYm2r3dzjPhFBnCWfzgc7hfeCR5MB+x/E7KHKekq/bsEtd9XDniy7duc1C8l9f9KYTQ==
last-modified: Thu, 08 Dec 2022 20:53:16 GMT
server: cloudflare
etag: W/"37bf51efaf3af89068b080c2d9635113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHTj81IX8KRUdiwCNrAabNkVdw%2BUJ4ua9OLyKzMYKxFEI66i5aCg6RLK7gxQB9462ds8J30pqSb0JJc018qy2IHgI61WQAREt4xzAQYrGmm2oy3Ph3In0XesGQSMJMXN6o0KGug5kWWh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 887729c9797f6910-FRA

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/ 3 KB
2 KB 153ms
20ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/settings
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8998554ffd85437ff7bfae81b2e94983f09986380d574117bb234ba6240f7bee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 0J8FdXNAYV1z6ofZJjahVic3IXJOIsUZ
content-encoding: br
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
date: Tue, 21 May 2024 19:24:46 GMT
x-amz-cf-pop: FRA6-C1
age: 2252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 Apr 2024 17:43:55 GMT
server: AmazonS3
etag: W/"9c420e2783cc9b135277d88d374c741a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: wNR-P6lto5O3_TqqUZHjW6ieR-sq_9wwD_um8ntpcVSz7wMp9_GXXQ==

GET
H2 200 t.png
tvspix.com/ 68 B
194 B 910ms
194ms Image
image/png 52.39.83.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?&t=1716321737117&l=tvscientific-pix-o-946859a1-af7d-49da-bef5-a1dcf030077a&u3=https%3A%2F%2Fwww.biltrewards.com%2F
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.39.83.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-83-198.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 21 May 2024 20:02:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 68
expires: 0

GET
H2 200 bilt.js Show response
decagon.ai/loaders/ 3 KB
1 KB 210ms
142ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://decagon.ai/loaders/bilt.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fa10a41a8fd89e1784da2ae09f9d4f1cee48e98161e3ab35ec20cd9e2d9fba47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::b89sj-1716321737261-5982faabfa86
age: 0
x-matched-path: /loaders/bilt.js
etag: W/"653cacd6241644d8457a997c6cf05e54"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="bilt.js"

GET
H2 200 / Show response
www2.biltrewards.com/ Frame A961 1 MB
79 KB 165ms
52ms Document
text/html 52.223.52.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.biltrewards.com/

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.223.52.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0b1d980e1f2226c6.awsglobalaccelerator.com

Software

Framer/9477266 /

Resource Hash

5cfedefb95154ab787f29ec754d293534271a0fb6cb774a8557c85e738765098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 80270
content-type: text/html
date: Tue, 21 May 2024 20:02:16 GMT
etag: "da5b6ba89e62fb105aceb4bbc083d0cd"
last-modified: Tue, 16 Apr 2024 19:09:32 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Framer/9477266
server-timing: region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="9477266"
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H3

200

/ Show response
id.biltrewards.com/login/iframe/userdata/ Frame C7B5
Redirect Chain

https://id.biltrewards.com/login/iframe/userdata
https://id.biltrewards.com/login/iframe/userdata/

37 KB
9 KB

203ms
203ms

Document
text/html

34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/login/iframe/userdata/

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel / Next.js

Resource Hash

a4769ff3be117c3c39b1aa56ca1a5cf3f26339c13a2ea08b19606209e11d42a8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 20:02:17 GMT
referrer-policy: origin
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
via: 1.1 google
x-content-type-options: nosniff
x-matched-path: /login/iframe/userdata/
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::s4rwr-1716321737300-b5132d754712
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Tue, 21 May 2024 20:02:17 GMT
location: /login/iframe/userdata/
refresh: 0;url=/login/iframe/userdata/
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 google
x-vercel-id: fra1::p8vkk-1716321737252-0fef205cf5c5

OPTIONS
H2 200 frontend
flags.biltrewards.com/api/ Frame 0
0 260ms
141ms Preflight 34.160.241.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://flags.biltrewards.com/api/frontend?sessionId=80523746&appName=bilt-rewards&environment=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.241.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.241.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: POST, PUT, HEAD, PATCH, CONNECT, GET, DELETE, TRACE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 21 May 2024 20:02:16 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 GT-America-Standard-Medium.woff2
static.biltrewards.com/fonts/ 56 KB
56 KB 75ms
23ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Standard-Medium.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:09:28 GMT
age: 3169
x-guploader-uploadid: ABPtcPrXay6UFWLp6rvcJHrhb4681HpeDE0tftnpY_6VE0drfWgH-PYRYUvtHho0adzDbnP7UGc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-x-goog-reserved-source-generation: 1684953483763390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57076
last-modified: Sat, 23 Sep 2023 19:54:37 GMT
server: UploadServer
etag: "63dc66a0acb63f7b9c52d3a1996896dc"
x-goog-generation: 1695498877684028
x-goog-hash: crc32c=rAUnxg==, md5=Y9xmoKy2P3ucUtOhmWiW3A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 57076
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 GT-America-Standard-Regular.woff2
static.biltrewards.com/fonts/ 57 KB
57 KB 106ms
54ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Standard-Regular.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:09:28 GMT
age: 3169
x-guploader-uploadid: ABPtcPrVaKa6iRMFHH5qEJu77pwfU_WbTwOaaZNfQPQ6ND_igYlbCEBRXljjSqB4-oAaKyJqopg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-x-goog-reserved-source-generation: 1679355032260337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58164
last-modified: Sat, 23 Sep 2023 19:54:36 GMT
server: UploadServer
etag: "34faea2a319852842506af0b1871af2f"
x-goog-generation: 1695498876746138
x-goog-hash: crc32c=3JtdcA==, md5=NPrqKjGYUoQlBq8LGHGvLw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 58164
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 Allyant_Accessibility_Badge.svg
static.biltrewards.com/assets/footer/ 9 KB
9 KB 97ms
23ms Image
image/svg+xml 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.biltrewards.com/assets/footer/Allyant_Accessibility_Badge.svg
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: be575da13139662c6322fa3d100cda159a93f55517aff329b03db8f5e1a721a8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:54:14 GMT
age: 483
x-guploader-uploadid: ABPtcPojY3548-fXDOChAiaJ1tgEI6HYRIm7V_Ioev2yS1OZpzjHrjvhE4KjVo_2fhFmLgdunsPQ3_zz_A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8902
last-modified: Mon, 22 Apr 2024 14:38:56 GMT
server: UploadServer
etag: "ec60b6278480c91cc0bdf8f7b2891638"
vary: Origin
x-goog-generation: 1713796736912798
x-goog-hash: crc32c=PEyyKw==, md5=7GC2J4SAyRzAvfj3sokWOA==
content-type: image/svg+xml
cache-control: public,max-age=3600
x-goog-stored-content-length: 8902
accept-ranges: bytes

GET
H2 200 rent-day Show response
www.biltrewards.com/api/ 161 B
3 KB 26ms
26ms XHR
application/json 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/api/rent-day

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0a2ee8b099b0c80d0eada0953ad1225481e99803316fa8e0eb1cf297f5e700c3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.biltrewards.com/
baggage: sentry-environment=production,sentry-release=63f5e51450db435a675ffcb25bfbf3014ce19947,sentry-public_key=50f039ff934e419597bde8e7652fc3d8,sentry-trace_id=e7e04b30b75a4d37b5821b39d009430d,sentry-sample_rate=0.025,sentry-sampled=false
sentry-trace: e7e04b30b75a4d37b5821b39d009430d-8185c5c9f9d1e92f-0
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:00:19 GMT
strict-transport-security: max-age=63072000
age: 118
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::dclll-1716321737251-105203ac817b
x-matched-path: /api/rent-day
x-vercel-cache: STALE
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: application/json
cache-control: public

GET
H3 400 token Show response
id.biltrewards.com/public/user/authentication/ 164 B
182 B 168ms
167ms XHR
application/json 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/public/user/authentication/token
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a6c1c849c5889226e5d9dffe2e3c2f551203e54c7ad9e7824b91dd8e4b94bdce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
content-type: application/json;
access-control-allow-origin: https://www.biltrewards.com
x-cloud-trace-context: 5efd8350493176930c955d3751ca3239
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160

GET
H2 200 frontend Show response
flags.biltrewards.com/api/ 6 KB
995 B 142ms
141ms Fetch
application/json 34.160.241.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://flags.biltrewards.com/api/frontend?sessionId=80523746&appName=bilt-rewards&environment=default
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.241.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.241.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 200981091b738ff3174a11acbbed1e6dc8c2d1f6ff5003b089f93831b70554c7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bilt-frontend:production.4ecbf2972c41cd20e95e223a3a8f1be63d54d659b61391749811b96e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.biltrewards.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
via: 1.1 google
etag: W/"16a4-9zMdzA7p466-Qk1x1i4-bQ=="
vary: accept-encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 90ms
29ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/assets/vendor/ada-compliance.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a1dd919cb7b76ee7984bd8107f188d4fd04281690c50fcf0359503c3961be961

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 424
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 3419
x-accel-date: 1716318318
x-77-nzt: EgwB1GY4sQH3Ww0AAAwBJRPCNAH3HwAAAA
x-accel-expires: @1716321918
x-77-age: 3419
last-modified: Tue, 21 May 2024 12:47:22 GMT
server: CDN77-Turbo
etag: W/"756a9be22041dae5f94ea744c6805ab1"
x-77-nzt-ray: 1cb09c0ebe71b130c9fd4c6647604113
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: _1YgAAmxWcfxoJLdaMTaupbPpj4drIAYxVYk9ZNncO3E84bY5wl0aw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/ 519 KB
207 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210834
x-xss-protection: 0
last-modified: Mon, 13 May 2024 17:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 May 2025 17:19:46 GMT

GET
H3 200 ui.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 295 KB
83 KB 79ms
51ms Script
text/javascript 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87a3392313500de980b01445d72f2f7e95bc0d26d5f938bb2f1a7ab569caf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16551
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"2ff4fae52b8ac954d5874b92987806e9"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729ca8d6237f7-FRA
expires: Tue, 21 May 2024 20:03:17 GMT

GET
H2 200 web Show response
id.biltrewards.com/fsrelay/s/settings/13PEW8/v1/ 6 KB
7 KB 147ms
146ms XHR
application/json 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/fsrelay/s/settings/13PEW8/v1/web
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: /
Resource Hash: bb86d91e3b389c31862f4b8bf4751da190f0cf386e9c1af4b193fb7f36754733

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google, 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 404 / Show response
www.biltrewards.com/ 6 KB
2 KB 95ms
92ms Fetch
text/html 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dfff3a1130306704612579a8d17745d444271bec22685969eb5b560aeb15f4b1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
strict-transport-security: max-age=63072000
age: 1264
content-disposition: inline; filename="404"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::xmj28-1716321737424-47454d2cc508
x-matched-path: /404
etag: W/"2b6d37f23770b4e36e9b8a320f85efb7"
x-vercel-cache: HIT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H2 200 rewards Show response
www.biltrewards.com/ 155 B
3 KB 143ms
142ms Fetch
text/x-component 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

224ba832aea3503a168a0d85c38220a7c06bd3b879616fe83f9bc5634855a532

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::dclll-1716321737399-c18ca80430fa
x-matched-path: /rewards.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 rent Show response
www.biltrewards.com/account/ 231 B
3 KB 142ms
141ms Fetch
text/x-component 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/account/rent?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

0d114f64e39bf25e2d452e0400803b5cb7ab5d299cdee93b06d9c936eadbdccd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::tf4w9-1716321737399-68911a8020d2
x-matched-path: /account/rent.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 dining Show response
www.biltrewards.com/rewards/ 179 B
3 KB 147ms
147ms Fetch
text/x-component 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards/dining?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

2f560ce04e19b164e9b17542b096867c6d129fd4c7a2f6124aaba50eee6d37f4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::wbqfl-1716321737400-0f1a17aa8674
x-matched-path: /rewards/dining.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 travel Show response
www.biltrewards.com/rewards/ 179 B
3 KB 144ms
144ms Fetch
text/x-component 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards/travel?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

a2d036f3418706629ba2297c561475f073479962d9a21973edab57c1057e738b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::2r2k6-1716321737400-45feea3d9754
x-matched-path: /rewards/travel.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
166 B 158ms
50ms Ping
text/plain 18.203.30.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.30.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-30-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 chunk-IVGDQOPF.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame A961 563 KB
166 KB 103ms
27ms Script
text/javascript 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-IVGDQOPF.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

eb1ffeccaf95fde9ecf145e4ea93852a46e7d42b04d38ec858b891c5f6dfd8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 19:26:22 GMT
x-amz-version-id: 8oKJtm.34dMQ_1Z743w8KeFclSocvgYK
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
age: 3026156
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="KYtibMxNJQgMMZ5WjYpFjR7WaHtRmPiU0qW_mf2psCuhlkP4JNLsaw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Apr 2024 19:09:30 GMT
server: CloudFront
etag: W/"afe18f4837ff901db978e3860b5b8f04"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: KYtibMxNJQgMMZ5WjYpFjR7WaHtRmPiU0qW_mf2psCuhlkP4JNLsaw==

GET
H2 200 chunk-ELYU6EKT.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame A961 447 B
1 KB 102ms
28ms Script
text/javascript 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-ELYU6EKT.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Jan 2024 02:31:13 GMT
x-amz-version-id: KBor7BFQn_pp2zxPGsA.bi5b6hyTs2yW
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 10949465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="kQXNp7p0AcatU6FtRCNkIQY3CrzmNYm2m4DiEtQ8C2K3ZxAItY3h_Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 447
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 18:18:07 GMT
server: CloudFront
etag: "bac0d5b5f6a61029b51079932ccda746"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: kQXNp7p0AcatU6FtRCNkIQY3CrzmNYm2m4DiEtQ8C2K3ZxAItY3h_Q==

GET
H2 200 o5nx0y8gL9Q5XpEnTWw73jqlBv_82EBxcsRZtTau1_8.UVF2TTJC.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame A961 723 KB
103 KB 143ms
85ms Script
text/javascript 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/o5nx0y8gL9Q5XpEnTWw73jqlBv_82EBxcsRZtTau1_8.UVF2TTJC.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e310d272bb05b8caa31f4ec6de5437bfbd04800535c9069fa58550a911612ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 19:15:38 GMT
x-amz-version-id: _y1dlbWA1QfAM03AVP9Kw3OtIPLPr5Ay
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
age: 3026799
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="GmQ17eV5vti_G18iJsJ1QE0vLouo3zofUEoctoawZROgtuXp9PauFw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Apr 2024 19:09:30 GMT
server: CloudFront
etag: W/"0ad570e3afd63a4d636754544e6c7b9f"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: GmQ17eV5vti_G18iJsJ1QE0vLouo3zofUEoctoawZROgtuXp9PauFw==

GET
H2 200 chunk-YMXEJLDD.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame A961 700 B
2 KB 85ms
28ms Script
text/javascript 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-YMXEJLDD.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

1d6ec88f567df6145ff31cc4f634d8c576965b5572838f97f9de77af6c3d3239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 07:46:54 GMT
x-amz-version-id: kqrsrKuANINZi08S3mJ7cUCGizvoSq7Y
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 9029724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="Iao1EaqHC8tXcHCcpZ48kb5r3p1s8TxwxDSzg-ySOgHoS4vklg2Gfw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 700
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Feb 2024 17:06:44 GMT
server: CloudFront
etag: "f2a1f09b1f23f395f4d6d7dd9f39d37b"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Iao1EaqHC8tXcHCcpZ48kb5r3p1s8TxwxDSzg-ySOgHoS4vklg2Gfw==

GET
H2 200 chunk-42U43NKG.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame A961 44 B
955 B 101ms
100ms Script
text/javascript 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-42U43NKG.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 Nov 2023 16:55:56 GMT
x-amz-version-id: evlVAxy7o1HEHfkTxbxNsM7i9okrmm0E
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14958382
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="mEJLiYbh8HEcZxliHRWsaVN6c3SoYvIW-ghcTN7psGom6k-LJ6Doew==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Nov 2023 16:29:22 GMT
server: CloudFront
etag: "f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mEJLiYbh8HEcZxliHRWsaVN6c3SoYvIW-ghcTN7psGom6k-LJ6Doew==

GET
H2 200 script Show response
events.framer.com/ Frame A961 16 KB
6 KB 451ms
356ms Script
text/javascript 13.32.110.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.framer.com/script

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-73.vie50.r.cloudfront.net

Software

Resource Hash

03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: gzip
via: 1.1 c855d201fddbb6ef22989607fe8f5d1e.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length: 15882
x-amz-cf-pop: VIE50-C2
x-amzn-requestid: 5e4903e7-8bc5-49d3-9132-63edcacae56c
x-amzn-trace-id: Root=1-664cfdc9-3632d13e45819ed611f09b22
x-cache: Miss from cloudfront
content-type: text/javascript
timestamp: Tue, 21 May 2024 19:58:02 GMT
x-amz-apigw-id: YIyXlFThoAMEF6Q=
content-length: 5325
x-amz-cf-id: HesPlPYMWrmDPlLulgGw-kbyCuVh3eBlxaDlVFgGJpl42F7jztCBnQ==

GET
H2 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame A961 176 KB
177 KB 106ms
32ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 12401127
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="lvQFDqPlJOHTwJCo9Oub1u7kBnT8eXyVOFBCMDJ0IuwDqsv8MZFLjA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: lvQFDqPlJOHTwJCo9Oub1u7kBnT8eXyVOFBCMDJ0IuwDqsv8MZFLjA==

GET
H2 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame A961 74 KB
75 KB 106ms
32ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 12351627
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="jSNFONY5BVxOY4RTjb_2X-G_OltfQ8jNujz2ECTrxW5LDAL3dT5NUA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jSNFONY5BVxOY4RTjb_2X-G_OltfQ8jNujz2ECTrxW5LDAL3dT5NUA==

GET
H2 204 init Show response
mgln.ai/ 0
1 KB 142ms
128ms XHR
text/plain 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/init

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716321737&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ArhceuuzUCcFnnM5qotf29F4n2EBCTxObts%2F%2BM0QQnQ%3D
x-request-id: 45bfbb9b-cdcd-468b-8f32-bf1a923ce65a
x-runtime: 0.001940
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716321737&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ArhceuuzUCcFnnM5qotf29F4n2EBCTxObts%2F%2BM0QQnQ%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 887729cafb706910-FRA

GET
H2 200 fs.js Show response
id.biltrewards.com/fsedge/s/ Frame A961 273 KB
0 0ms
0ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/fsedge/s/fs.js
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:04:59 GMT
content-encoding: br
via: 1.1 google
age: 3438
x-guploader-uploadid: ABPtcPom4IxkzNDoO1Bqrqm7FRdw4QbIenmp07XCxfQmKtcOzyV-FQiO6dxlYCfJ2Pn9mtOIi9VTD9zbjw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75399
last-modified: Thu, 16 May 2024 15:58:30 GMT
server: UploadServer
etag: "9518bfdd8ce5a4d07426912e49eab44e"
vary: Accept-Encoding
x-goog-generation: 1715875109988133
x-goog-hash: crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75399
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 21 May 2024 20:04:59 GMT

GET
H2 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame A961 176 KB
0 64ms
64ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 12401127
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="lvQFDqPlJOHTwJCo9Oub1u7kBnT8eXyVOFBCMDJ0IuwDqsv8MZFLjA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: lvQFDqPlJOHTwJCo9Oub1u7kBnT8eXyVOFBCMDJ0IuwDqsv8MZFLjA==

GET
H2 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame A961 74 KB
0 63ms
63ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 12351627
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="jSNFONY5BVxOY4RTjb_2X-G_OltfQ8jNujz2ECTrxW5LDAL3dT5NUA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jSNFONY5BVxOY4RTjb_2X-G_OltfQ8jNujz2ECTrxW5LDAL3dT5NUA==

GET
H2 200 GT-America-Extended-Bold.woff2
static.biltrewards.com/fonts/ 63 KB
63 KB 26ms
24ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Extended-Bold.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4b0bb6d8a058a42f5caa03df8bb35b72fed5a1987f6e10602ceb384ddb10d41a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:00:36 GMT
age: 3701
x-guploader-uploadid: ABPtcPryd02OKUEXCIwixeKVLEbflGQ1rH4lBWVC65u5sUCnHSF9O5yDGPcc4GaFdlXwt-WQM6ghhj_VhQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-x-goog-reserved-source-generation: 1679355033778551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64096
last-modified: Sat, 23 Sep 2023 19:54:37 GMT
server: UploadServer
etag: "62d21cb9a8474aa65c284dc0af48bc30"
x-goog-generation: 1695498877482917
x-goog-hash: crc32c=ri+bug==, md5=YtIcuahHSqZcKE3Ar0i8MA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 64096
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 LqDnnljXEwgpUOKntxS1EWW6Rg.woff2
framerusercontent.com/assets/ Frame A961 62 KB
63 KB 91ms
90ms Font
application/octet-stream 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/LqDnnljXEwgpUOKntxS1EWW6Rg.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b758c20d70f6b20fa85f31c23b9dea1ad5551a1cfd9ed56485c63cc592b2a15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 11 Dec 2023 19:43:08 GMT
x-amz-version-id: 2K1KJcp0J5ZC8eipZGka2Zx75YaYhk90
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13997949
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="gaKTcgP1HeBC4uutjGPGzZ3fbDmCzZyPK5olbLKozBz7B4yVru88Kg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 63328
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:11 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "c2d37cba33fee33551bad2907242eab9"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gaKTcgP1HeBC4uutjGPGzZ3fbDmCzZyPK5olbLKozBz7B4yVru88Kg==

GET
H2 200 ZOQnZ28bo7qibfKtLjS7lnsO4~aPaqOZNJkxYT2qc_-WAEnT8sEAw10p7tnZdSX4PzEH4.woff2
framerusercontent.com/modules/assets/ Frame A961 57 KB
58 KB 84ms
83ms Font
application/octet-stream 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/assets/ZOQnZ28bo7qibfKtLjS7lnsO4~aPaqOZNJkxYT2qc_-WAEnT8sEAw10p7tnZdSX4PzEH4.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ae3cd625206f3b22398ce3e5ffcc22c2a6ff95a535e7c4addbfb7e7e2d146ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 22:33:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 422917
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="Dx_t4vPjUus_gXcFrqBIbHIhP9TlzBDUhOX0Q1ubrSbWMy0k0ywOxw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 58660
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: deny
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept
timing-allow-origin: *
x-amz-cf-id: Dx_t4vPjUus_gXcFrqBIbHIhP9TlzBDUhOX0Q1ubrSbWMy0k0ywOxw==

GET
H2 200 s15i8VNMBMOyVBn9RdA2jtEVxk.woff2
framerusercontent.com/assets/ Frame A961 61 KB
62 KB 91ms
90ms Font
application/octet-stream 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/s15i8VNMBMOyVBn9RdA2jtEVxk.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9dd316606967a03abedcf35c83300f9763241b13a2066f67dabff0573def70e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 08 Oct 2023 21:54:56 GMT
x-amz-version-id: QzjntSJQOtTLeMbw9KBGRRx4g5m0iW0c
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 19519642
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="84t8uz7BbEsvUd0ALYnGQFY4YjyjSxvLcADCO7-bkuCPLqas0r0VKw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 62460
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:09 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "5fff9cfbc052741b83f04fadc035af87"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 84t8uz7BbEsvUd0ALYnGQFY4YjyjSxvLcADCO7-bkuCPLqas0r0VKw==

GET
H2 200 9vZ4CFUb3rKQR5PiFoCAG4XK9ds~OMnLjX5KG42fbQ9CabmPYWfngmsLKfBkxrst4820Nz8.woff2
framerusercontent.com/modules/assets/ Frame A961 56 KB
56 KB 90ms
89ms Font
application/octet-stream 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/assets/9vZ4CFUb3rKQR5PiFoCAG4XK9ds~OMnLjX5KG42fbQ9CabmPYWfngmsLKfBkxrst4820Nz8.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ff65c7581b6b14184d2d6ab9ebe9416b06fcbb86c3a7a32ca30b3bc7871256a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 22:33:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 422917
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="MqjpDpNFKv866oi5CLir3l5F9-sKM_cLsWjsEiqJ0LEtVTGilHvAog==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 56856
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: deny
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept
timing-allow-origin: *
x-amz-cf-id: MqjpDpNFKv866oi5CLir3l5F9-sKM_cLsWjsEiqJ0LEtVTGilHvAog==

GET
H2 200 middleware.5d0661110e1603b9.js Show response
www.biltrewards.com/_next/static/chunks/ 27 KB
11 KB 91ms
91ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/middleware.5d0661110e1603b9.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-8714ed4b17298ec9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c142fc30fa0a276a0261c12ac2eb4a7c09a46689c7d468cd40cf14e8877cb1a9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="middleware.5d0661110e1603b9.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::xmj28-1716321737497-db8ef07559c4
x-matched-path: /_next/static/chunks/middleware.5d0661110e1603b9.js
etag: W/"7eaec9141dbf26ae762433e7f9af0899"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 ajs-destination.023685e4e7748bf3.js Show response
www.biltrewards.com/_next/static/chunks/ 30 KB
10 KB 30ms
29ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/ajs-destination.023685e4e7748bf3.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-8714ed4b17298ec9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1f87a6a1e17e3c94df2b142ae4fc42836b657bba1395405578885b85b865aca0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="ajs-destination.023685e4e7748bf3.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::dtmn5-1716321737477-012f4836e948
x-matched-path: /_next/static/chunks/ajs-destination.023685e4e7748bf3.js
etag: W/"d548746ce13634d71b0d9ac2e94c8a27"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 54ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10874839969&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2e98063ea80a7ed83a8a81c0d2622080ffb47eea79857cd75b0f09705209c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92708
x-xss-protection: 0
last-modified: Tue, 21 May 2024 18:46:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 May 2024 20:02:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
99 KB 75ms
72ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QLSYZKSM0E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8875d22c2bc4d96ced9745df19c868a2c2e743efb257a631d4e364194a892922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101111
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 May 2024 20:02:17 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
12 KB 95ms
20ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 07 May 2024 17:43:30 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "337f63427080a8d6a60316b759dab390"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12083

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 467ms
136ms Script
application/javascript 23.198.214.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G398RC77U9N0P9KPM0&lib=ttq
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.214.69 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-198-214-69.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 577c26306c4f8b78967bc49027d3dfc18775fb96e2868c60cee8f98bd0d161f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1e2f469e.4c688708
date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24052120021786094A5F9C1C0C604E77-35D96D7662FF0A32-00
x-cache: TCP_MISS from a23-198-215-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 26,23.198.215.133
server-timing: cdn-cache; desc=MISS, edge; dur=17, origin; dur=9, inner; dur=3
content-length: 2292
pragma: no-cache
server: nginx
x-tt-logid: 2024052120021786094A5F9C1C0C604E77
x-cache-remote: TCP_MISS from a23-220-107-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.220.107.209
x-tt-trace-host: 013639f38019084264c9da60332244b87b1664d2ae6422c5769771da6f7b8fbd9f988873366c4a2409ffa5f77dd77f6262a278357ac988ff352a4b88d97edf44e782fa254cc442efb68d5d011b96378f568709459d0a0f99317830d1ff68dcba218842fb017cca56819826069b245ffb5c
expires: Tue, 21 May 2024 20:02:17 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 180ms
115ms Script
text/javascript 35.157.234.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.234.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-234-167.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ad0adb1d3ab2b667ef89e1a870135beed6c178b514d94e5a17c140d109a6b052

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 21 May 2024 20:02:17 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 b-00ri.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 113ms
33ms Script
application/javascript 2600:9000:2090:e800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/b-00ri.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:e800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b220223a8800d05dc359ab6bd8cb71e35cf06dde9bedc2f5d9014df3b1e4e1ac

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 02:16:46 GMT
content-encoding: gzip
via: 1.1 0be6ab2f92b7567e05a874f049abbbe6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 63931
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: daLfxDE_kV_iyVZYQuMYynS2IQ2XUzfy95V9pqhB5fD43FDzOoXAyg==

GET
H2 200 Bxu6GY24oplllZd0X0beaOpeu1Y.png
framerusercontent.com/images/ Frame A961 33 KB
34 KB 95ms
91ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Bxu6GY24oplllZd0X0beaOpeu1Y.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 21:04:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 20386688
x-amzn-requestid: 47a703ad-c5a4-4663-a7ca-41b0215b5529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="EDdtCCEKljn3BTESXQcuoa6BLGGeZL6Oc4VVn9W0hhPRcJvDclmzTQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515ea49-22781c72779d140e4acf41d7;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: EDdtCCEKljn3BTESXQcuoa6BLGGeZL6Oc4VVn9W0hhPRcJvDclmzTQ==

GET
H2 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame A961 39 KB
40 KB 90ms
85ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

64ee05b98a022eb8e7c5f531342a77e8265378f08c4665c90e0b0ca953373b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13814057
x-amzn-requestid: ac6a76f4-935a-4fe5-8b35-27cf98ada30c
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BGoEY-voCT3cyDWENiHboaH3eDadyLkyZZlKil9tVzbJXZ60eCsIdQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-5adfee7741d945b93610ede9;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BGoEY-voCT3cyDWENiHboaH3eDadyLkyZZlKil9tVzbJXZ60eCsIdQ==

GET
H2 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame A961 14 KB
14 KB 92ms
88ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13814057
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="scVqfWlmfdVVOEb6CSfQuVuH5OrEc7GhLYIhGX-MWvQ7zXUDsROf0A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: scVqfWlmfdVVOEb6CSfQuVuH5OrEc7GhLYIhGX-MWvQ7zXUDsROf0A==

GET
H2 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame A961 3 KB
3 KB 93ms
89ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13814067
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="khOwWAMQKng0onPPfJyIvRUf9O7omusrMPf5ydqyGBU9nEVmpMMI5Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: khOwWAMQKng0onPPfJyIvRUf9O7omusrMPf5ydqyGBU9nEVmpMMI5Q==

GET
H2 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame A961 36 KB
36 KB 103ms
99ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="vTyp8zqQ0SPLq_SVBiWNeRHoPgXu_Kdg9BkaJA0cKHIbkNObPTVIfg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vTyp8zqQ0SPLq_SVBiWNeRHoPgXu_Kdg9BkaJA0cKHIbkNObPTVIfg==

GET
H2 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame A961 37 KB
38 KB 98ms
94ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BPZeNhmL1DmaiEcUUZ-PkA0pyciexpCQdcJHN4_ft4Lpuy2Bb_Wsyg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BPZeNhmL1DmaiEcUUZ-PkA0pyciexpCQdcJHN4_ft4Lpuy2Bb_Wsyg==

GET
H2 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame A961 69 KB
70 KB 106ms
102ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="czEidQsq7ZDjTnQc5yGLeZk701-La28HWC0Nx62BZSvXrP5eMKC3Uw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: czEidQsq7ZDjTnQc5yGLeZk701-La28HWC0Nx62BZSvXrP5eMKC3Uw==

GET
H2 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame A961 45 KB
45 KB 113ms
109ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="JguEU9WfCNFHGekaKAZZIp3_88sbz2G2QAcSdLVpoSOC9DssrOvqnA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JguEU9WfCNFHGekaKAZZIp3_88sbz2G2QAcSdLVpoSOC9DssrOvqnA==

GET
H2 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame A961 24 KB
25 KB 119ms
115ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="MEfCrIwHLFEzVxnYPtscL55730WmxYugYatbDWrBhrT_imVDI5veaA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MEfCrIwHLFEzVxnYPtscL55730WmxYugYatbDWrBhrT_imVDI5veaA==

GET
H2 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame A961 25 KB
26 KB 114ms
111ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="ei0aOKKrcmGetnp2Qd-w2KKQRiuXgcWXqFFJzMKklIhHto1UlX9wIQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=12
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ei0aOKKrcmGetnp2Qd-w2KKQRiuXgcWXqFFJzMKklIhHto1UlX9wIQ==

GET
H2 200 wkMxGLA0wVGsaSgWt2doW86Zic.png
framerusercontent.com/images/ Frame A961 31 KB
32 KB 116ms
113ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wkMxGLA0wVGsaSgWt2doW86Zic.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: ba6827ad-aabc-411e-9dc2-dfa723dd0780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="ArJOl01e-mXHHUhhhR9zQHmqnYeXQ59p9BQ6R1FvnS67Q3JuDqtykQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=12
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-644b15642b1ea7fc78e9b405;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ArJOl01e-mXHHUhhhR9zQHmqnYeXQ59p9BQ6R1FvnS67Q3JuDqtykQ==

GET
H2 200 UPxnowvsa2Fbt3lp5oDDFXRjROc.png
framerusercontent.com/images/ Frame A961 32 KB
33 KB 123ms
120ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/UPxnowvsa2Fbt3lp5oDDFXRjROc.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14338092
x-amzn-requestid: e03300e0-9cad-43fc-8ab6-de726d6b5f30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="OA4b_rhGHHv9M6XGlMTRWKXLir2-UgyB3zLGyxdlT4W2afJRvcBJxA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=14
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-765ffb934b7dbe1f748e348d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OA4b_rhGHHv9M6XGlMTRWKXLir2-UgyB3zLGyxdlT4W2afJRvcBJxA==

GET
H2 200 2Zx97veGwo826dqlIbR2hMKiY.png
framerusercontent.com/images/ Frame A961 85 KB
86 KB 119ms
117ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2Zx97veGwo826dqlIbR2hMKiY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Dec 2023 23:57:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14501079
x-amzn-requestid: c6578a5d-2b8c-483a-ac9d-b78066b234a7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="IAxYMee5ZfU2HCqBtSsY716GLQbjz7tdv-zqi9DQ1FgfdlTGY3MA3g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-656fb8f2-1a3284985a17b98d6b56e9b6;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IAxYMee5ZfU2HCqBtSsY716GLQbjz7tdv-zqi9DQ1FgfdlTGY3MA3g==

GET
H2 200 i6iRuC8inkOu49dyb2cMx7KLX9o.png
framerusercontent.com/images/ Frame A961 32 KB
32 KB 125ms
122ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/i6iRuC8inkOu49dyb2cMx7KLX9o.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14338093
x-amzn-requestid: d1276dde-ce3c-43b3-bdf2-19fb56353b67
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="wOds-g7keFTdjN-GJyqTLrjBZhhpCg0YLl5gDBXCZ4VoYhkld3VpSQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=15
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-6d94249e4d78cc9c47e01d91;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wOds-g7keFTdjN-GJyqTLrjBZhhpCg0YLl5gDBXCZ4VoYhkld3VpSQ==

GET
H2 200 4Um58dLygSHRrlUbzVAaCiPfHeE.png
framerusercontent.com/images/ Frame A961 61 KB
62 KB 126ms
124ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Um58dLygSHRrlUbzVAaCiPfHeE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 02:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13713276
x-amzn-requestid: 76e437ee-349e-4296-8605-83da030eb99b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="-swfkuU3U6sntib9B6hiPiUaGNlIbpUxzyI-Om4lvpXXOdCOfbK8pA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=16
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657bbe4d-6fba888c030366654cd8e9e2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -swfkuU3U6sntib9B6hiPiUaGNlIbpUxzyI-Om4lvpXXOdCOfbK8pA==

GET
H2 200 OwD5vj1mJJkrw8fQ4TLBsZu7VY.png
framerusercontent.com/images/ Frame A961 67 KB
68 KB 128ms
126ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OwD5vj1mJJkrw8fQ4TLBsZu7VY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13814055
x-amzn-requestid: 78b339dd-e4b5-456c-bb1c-74370a5115ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="SjS1R7rnj-fKxX4zlJt1qmbLZPq_UZNTr57_fWml5jxh7aQ_-usvxw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=17
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-47094d6076a345a112379c31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SjS1R7rnj-fKxX4zlJt1qmbLZPq_UZNTr57_fWml5jxh7aQ_-usvxw==

GET
H2 200 widget_app_base_1716295517676.js Show response
cdn.userway.org/widgetapp/2024-05-21-12-45-17/ 153 KB
44 KB 64ms
21ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d11b7c69cef043660a87ba8e09946e83b7559a7202805e217d4ab03a56442298

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 2c4b655a5de1371195f92ed356802ebe.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 422
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25564
x-accel-date: 1716296173
x-77-nzt: EgwB1GY4sQH33GMAAAwBnJIhJwH3IQAAAA
x-accel-expires: @1742216140
x-77-age: 25564
last-modified: Tue, 21 May 2024 12:47:16 GMT
server: CDN77-Turbo
etag: W/"a459cc0f5d2cb58eccafd4c53fbcd66a"
x-77-nzt-ray: 1cb09c0efc756736c9fd4c66856d4b21
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: GLIkY5LGUvSff80yeM1XS3L4gagSx3uvRVV6ccdZYOoWgJ6_xK-u9w==

GET
H2 200 card Show response
www.biltrewards.com/ 2 B
3 KB 26ms
25ms Fetch
application/json 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/card?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
date: Tue, 21 May 2024 20:02:17 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 1257
content-disposition: inline; filename="card.rsc"
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::wbqfl-1716321737527-b11d054bf585
x-matched-path: /card.rsc
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-vercel-cache: HIT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame A961 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6162a259efcc903ece88a8301a46b44e3a77c220b3752c01eb02caa0af358870

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab32bc58349446cd3c8761af45640b13ed01073a6553e5779a9b03852d591ca4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea9ed2f612e41fcd700060fad5eff94165c56fb549e6334173177b4a540a5a9d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5b3b178dc8df3767511096744a36ee3edcee7ed62be5f8504244e6b70cf7398

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 406 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 990fba98068c77b0616f1d04a1df3ae1e0b6a0fe19809beb34864ab99044ba78

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 8qn5SJXAslrGaAAxdWjJDc6gng.woff2
framerusercontent.com/assets/ Frame A961 47 KB
48 KB 30ms
30ms Font
application/octet-stream 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/8qn5SJXAslrGaAAxdWjJDc6gng.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b02546b57554da630a4827a7755b1f72d22374513f811dc0590ebe942758cbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 12:32:13 GMT
x-amz-version-id: Uo2HPioSZt72O.VWi6F9mEBTdQw0j0ck
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13678205
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="TwXQRmgELhj5d0kr6-InA_aHep5qiJUWMzHkzyuxDpn7YrPH2OfnAA==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
content-length: 48256
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:11 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "425ac390cb52f1e99c8b61faa7e6a235"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TwXQRmgELhj5d0kr6-InA_aHep5qiJUWMzHkzyuxDpn7YrPH2OfnAA==

GET
H3 200 0iJMoAt43UHHN4iZwJ9BRySDSfM.woff2
framerusercontent.com/assets/ Frame A961 57 KB
58 KB 33ms
32ms Font
application/octet-stream 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/0iJMoAt43UHHN4iZwJ9BRySDSfM.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 12:32:12 GMT
x-amz-version-id: AT_2BH0O2V6cPJxPyzU1of5S3JbluJW3
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 13678206
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="ani_P1RJMlo8AqApozYZk0zNPSxLGdrdXocNSRDJAUGqgvaGKQVsXA==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 58164
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:09 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "3a1c34d491e0f22ddcce5ef4225fc4e4"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ani_P1RJMlo8AqApozYZk0zNPSxLGdrdXocNSRDJAUGqgvaGKQVsXA==

GET
H3 200 ZIA17DG79ouXlfoQjamRRhk3cc4.woff2
framerusercontent.com/assets/ Frame A961 56 KB
56 KB 33ms
32ms Font
application/octet-stream 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/ZIA17DG79ouXlfoQjamRRhk3cc4.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 08 Oct 2023 21:54:56 GMT
x-amz-version-id: 2bAIUvN.lJv0IRflfgk7e39O0NwsKLB9
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 19519642
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="jHrOTM8pqhfRFJuXsU2-gEJv6mcp8FJ_Uzj4fwdcBvKSwPdBs9wCEg==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 57076
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jun 2023 17:17:03 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "ee4103e3d2fcb9bd36adc839b2456f83"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jHrOTM8pqhfRFJuXsU2-gEJv6mcp8FJ_Uzj4fwdcBvKSwPdBs9wCEg==

GET
H2 200 Allyant_Accessibility_Badge.svg
static.biltrewards.com/assets/footer/ Frame C7B5 9 KB
0 2ms
2ms Image
image/svg+xml 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.biltrewards.com/assets/footer/Allyant_Accessibility_Badge.svg
Requested by: Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: be575da13139662c6322fa3d100cda159a93f55517aff329b03db8f5e1a721a8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:54:14 GMT
age: 483
x-guploader-uploadid: ABPtcPojY3548-fXDOChAiaJ1tgEI6HYRIm7V_Ioev2yS1OZpzjHrjvhE4KjVo_2fhFmLgdunsPQ3_zz_A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8902
last-modified: Mon, 22 Apr 2024 14:38:56 GMT
server: UploadServer
etag: "ec60b6278480c91cc0bdf8f7b2891638"
vary: Origin
x-goog-generation: 1713796736912798
x-goog-hash: crc32c=PEyyKw==, md5=7GC2J4SAyRzAvfj3sokWOA==
content-type: image/svg+xml
cache-control: public,max-age=3600
x-goog-stored-content-length: 8902
accept-ranges: bytes

GET
H3 200 webpack-5878aab0853b971f.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 4 KB
2 KB 52ms
51ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/webpack-5878aab0853b971f.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

1edfef02c49e122736547dcac761d0e9462bff61547af5d22de4129db7bbf814

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11447
content-disposition: inline; filename="webpack-5878aab0853b971f.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::pg4rn-1716321737596-ffe504fd0a97
x-matched-path: /_next/static/chunks/webpack-5878aab0853b971f.js
etag: W/"e98af356946fd2a8e187fc702206ba17"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 0a08d48a-4dbd3104a60c9a9c.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 168 KB
54 KB 98ms
95ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/0a08d48a-4dbd3104a60c9a9c.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

0d77c0ca71f84e8e1b82911c1c6e7ba7b5c192b1ce10bce9a8db97e08139e688

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11447
content-disposition: inline; filename="0a08d48a-4dbd3104a60c9a9c.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::lp4dx-1716321737888-10802a856947
x-matched-path: /_next/static/chunks/0a08d48a-4dbd3104a60c9a9c.js
etag: W/"02995431b62df8b1c8b38a1e08ba3f2e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 229-b73ce4ace404a953.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 223 KB
66 KB 56ms
53ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/229-b73ce4ace404a953.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

83aabe649060a7e2ae2d90805d2e69bfcb75b54156056654bea6e44ef5487d72

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11447
content-disposition: inline; filename="229-b73ce4ace404a953.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::4j7lm-1716321737888-fb2def2e399c
x-matched-path: /_next/static/chunks/229-b73ce4ace404a953.js
etag: W/"0dc8b8f8e79454fae0001b8f92bf3d69"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 main-app-ecc18bccaab22bb9.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 4 KB
2 KB 49ms
47ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/main-app-ecc18bccaab22bb9.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

c019d325c62069c72d33abc71f656af0450f288fffe69a2608240b9126966c99

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11626
content-disposition: inline; filename="main-app-ecc18bccaab22bb9.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::lvklt-1716321737887-19be7a4db867
x-matched-path: /_next/static/chunks/main-app-ecc18bccaab22bb9.js
etag: W/"58318b1167e669d65ee063f5af4e9198"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 721-2cdcc63a9f471ed1.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 93 KB
33 KB 96ms
94ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/721-2cdcc63a9f471ed1.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

ecb6a4d933a00cfe52f85667db28eda1780e587a99b82356d51da319d6393b1a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11447
content-disposition: inline; filename="721-2cdcc63a9f471ed1.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::2jx9z-1716321737888-ecc514f30b0e
x-matched-path: /_next/static/chunks/721-2cdcc63a9f471ed1.js
etag: W/"e16ae8fa970bcea41cfc409b7840368f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 page-7dcf1595574e4d4f.js Show response
id.biltrewards.com/_next/static/chunks/app/login/iframe/userdata/ Frame C7B5 4 KB
2 KB 54ms
51ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/app/login/iframe/userdata/page-7dcf1595574e4d4f.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

559fc6f9f8dcf6e1770482ea27fc2155e8809213e72254a17735d66b7f436fc3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11496
content-disposition: inline; filename="page-7dcf1595574e4d4f.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zrqqw-1716321737888-5348c22f4ab7
x-matched-path: /_next/static/chunks/app/login/iframe/userdata/page-7dcf1595574e4d4f.js
etag: W/"52c2ab2ec1b6c61b3f064ff327762df0"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 a1377a71-fd6e3887691d8424.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 117 KB
38 KB 68ms
65ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/a1377a71-fd6e3887691d8424.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

12ce72c5dd8a160d24d631751a8cac946705951d40e2138443784332c1fb4bc1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11447
content-disposition: inline; filename="a1377a71-fd6e3887691d8424.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zshtf-1716321737888-86b70387d1a0
x-matched-path: /_next/static/chunks/a1377a71-fd6e3887691d8424.js
etag: W/"c7cb8d8f3220b324d05f9afcde0465e2"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 920f9719-b6306853ec5fcb52.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 80 KB
21 KB 80ms
78ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/920f9719-b6306853ec5fcb52.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

bcf6db8e2b32f2b799eea191434b4090cbb642ee936fd8c169ac7979d69b7b51

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5093
content-disposition: inline; filename="920f9719-b6306853ec5fcb52.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::f4852-1716321737888-30c57856a8f3
x-matched-path: /_next/static/chunks/920f9719-b6306853ec5fcb52.js
etag: W/"8c5cb699c5140564e032053d653282cf"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 420-cb6aac3e7001db81.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 327 KB
106 KB 114ms
112ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/420-cb6aac3e7001db81.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

54fa695dcb5948cc6327d4992d79a37da343811db6286e569ed6e3cb0cbe8f54

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11447
content-disposition: inline; filename="420-cb6aac3e7001db81.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::6xs45-1716321737888-773e8ed38881
x-matched-path: /_next/static/chunks/420-cb6aac3e7001db81.js
etag: W/"468d5791af7e83f03ad3a6efe20a4258"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 956-979c1c6573794c8a.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 49 KB
18 KB 94ms
92ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/956-979c1c6573794c8a.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

6266e044e9d67f5e08c39dec30aeb2c9ffc3dbf6c837a6f60da52b050b474794

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11447
content-disposition: inline; filename="956-979c1c6573794c8a.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::lvklt-1716321737888-4e797a6f7d31
x-matched-path: /_next/static/chunks/956-979c1c6573794c8a.js
etag: W/"5e532490d718659e463dda126fa78820"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 534-1810f0dd1ab4b5da.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 25 KB
9 KB 64ms
62ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/534-1810f0dd1ab4b5da.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

cabadde351faaef576e9bea2b85cb40594e63eada1640633c7cc8c75a1b4c3fb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11447
content-disposition: inline; filename="534-1810f0dd1ab4b5da.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::wbqfl-1716321737888-696fea3eff35
x-matched-path: /_next/static/chunks/534-1810f0dd1ab4b5da.js
etag: W/"322563aed3c168134be3d063c6352335"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 923-2dbaf43d4a4ec670.js Show response
id.biltrewards.com/_next/static/chunks/ Frame C7B5 298 KB
95 KB 109ms
107ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/923-2dbaf43d4a4ec670.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

8ab7073e016757e65f74fbb04d82d1f3ccd543a6bef4b0191fb5e9c1cfe88db8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11127
content-disposition: inline; filename="923-2dbaf43d4a4ec670.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::dtmn5-1716321737887-466cbc2a18d7
x-matched-path: /_next/static/chunks/923-2dbaf43d4a4ec670.js
etag: W/"1b34e4b68ba63d560874101d0ccd4c46"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 layout-c5fbbf32502b7cfe.js Show response
id.biltrewards.com/_next/static/chunks/app/ Frame C7B5 61 KB
16 KB 112ms
110ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/_next/static/chunks/app/layout-c5fbbf32502b7cfe.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Vercel /

Resource Hash

bf7097003d613081cff11d5910e48e56f7151c71265665e078054f45bccb2097

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: .biltrewards.com .deviceinfresolver.com .sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' .biltrewards.com ; font-src 'self' .biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .biltrewards.com biltrewards.com .lvh.me:3000 .henridev.com .henrihome.com ; frame-src 'self' .biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' .biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: *.biltrewards.com *.deviceinfresolver.com *.sentry.io biltrewards.zendesk.com telemetry.transcend.io transcend-cdn.com vitals.vercel-insights.com advanced.neuro-id.com receiver.neuroid.cloud logs.neuro-id.com ; default-src 'self' *.biltrewards.com ; font-src 'self' *.biltrewards.com fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.biltrewards.com biltrewards.com *.lvh.me:3000 *.henridev.com *.henrihome.com ; frame-src 'self' *.biltrewards.com biltrewards.ada.support sync-transcend-cdn.com vercel.live www.google.com ; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.biltrewards.com cdn.deviceinf.com transcend-cdn.com vercel.live www.google.com www.gstatic.com scripts.neuro-id.com advanced.neuro-id.com ; style-src 'self' 'unsafe-inline' *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11496
content-disposition: inline; filename="layout-c5fbbf32502b7cfe.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::8lvwl-1716321737887-5f70291594a5
x-matched-path: /_next/static/chunks/app/layout-c5fbbf32502b7cfe.js
etag: W/"ab1ee1cecf93cff58f5a779603f3881a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H3 200 agent.js Show response
cdn.deviceinf.com/js/v4/ Frame C7B5 310 KB
0 2ms
2ms Script
application/javascript 2606:4700:3035::6815:1a90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.deviceinf.com/js/v4/agent.js
Requested by: Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:16 GMT
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
via: 1.1 36f7726d79b9a22a1e91ae6451962028.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P4
age: 3061
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
server: cloudflare
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRXwnXwakAyMODStn63iAF8e8fkUgR6FUw25a4iBCkOi165ACeY8D6gjl04qMWYIoFF2W5U2XjnqZU4p%2F2wEFUKcEBiS%2ByyrNdH3LClxNFW8bKXi3Yj7A6TE71sd09oiT1ttWTkiJ17R8SW8D4U0Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 887729c7be0a3a3d-FRA
x-amz-cf-id: OQoGQPXItVc8SGmHo9GeF763193IOTpcjlTlxekQ7kvToPdXs2-DUg==

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ Frame C7B5 2 KB
0 3ms
3ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

709706dfb7e22c6e5ca984f873db12456005a948623716f0d122e4fff48e2be0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 21 May 2024 20:02:16 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ Frame C7B5 105 KB
281 B 56ms
53ms Script
text/javascript 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193f70e3ef4fb576a502cd67546306e9ec798eb04db2cbb8f42e19b719f75fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81391
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"f40739130aa0cc889c7fc63c2ffe78ae"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729cbffa43a86-FRA
expires: Tue, 21 May 2024 20:03:17 GMT

GET
H2 206 ysCNtc4urbg6XoahxtFjQ5iM.mp4
framerusercontent.com/assets/ Frame A961 1 MB
0 30ms
29ms Media
video/mp4 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/ysCNtc4urbg6XoahxtFjQ5iM.mp4

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://www2.biltrewards.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 21 Feb 2024 19:18:05 GMT
x-amz-version-id: ZGpzvVL52zWME_U_sZUF.yLajT1DjUei
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 7778653
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
Content-Range: bytes 0-7171940/7171941
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="pQ1GtEqKqf3hw6O45vaIY2l2A3iSF2FWGs5u3TLQ8oDtSYwriKmPAw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
Content-Length: 7171941
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 19:00:48 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "007bb0d7a6f76537bc66283ea97c56f3"
x-frame-options: deny
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pQ1GtEqKqf3hw6O45vaIY2l2A3iSF2FWGs5u3TLQ8oDtSYwriKmPAw==

GET
H2 200 6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ Frame A961 214 B
987 B 42ms
42ms Image
image/svg+xml 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jul 2023 10:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 27424877
x-amzn-requestid: cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="d4EO-U-4o0vPWECVFpuA6QBZxFUvgzm_nYh_yoJX4RT0Wn-HKxCzYQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: d4EO-U-4o0vPWECVFpuA6QBZxFUvgzm_nYh_yoJX4RT0Wn-HKxCzYQ==

GET
H2 200 11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ Frame A961 215 B
985 B 43ms
42ms Image
image/svg+xml 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 12:09:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 14889162
x-amzn-requestid: f927c207-5d43-4a31-84ec-0d06d0c63c6a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BCfcPtpU7fbFFXwd6KGeza1Orwo8ei0XXPanekbclBykqAbCXN0fsQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6569ccff-42414f1e2713071463b83623;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BCfcPtpU7fbFFXwd6KGeza1Orwo8ei0XXPanekbclBykqAbCXN0fsQ==

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 8145 0
0 105ms
58ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly93d3cuYmlsdHJld2FyZHMuY29tOjQ0Mw..&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=1at39x2e5kwd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RaJ1DdpxfqFamSyE4BgQAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RaJ1DdpxfqFamSyE4BgQAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 20:02:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cm.css
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 15 KB
4 KB 59ms
59ms Stylesheet
text/css 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fe8d60c96300f39cef881c83445907bb7a1d0f00b71ffaf38916bc08f99585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81381
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"58539a2b908f4e73e04d4f950b1b35a3"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729cd39983a86-FRA
expires: Tue, 21 May 2024 20:03:17 GMT

OPTIONS
H2 200 view
mgln.ai/ Frame 0
0 221ms
163ms Preflight 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgln.ai/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 887729cdca1303d8-FRA
content-length: 0
date: Tue, 21 May 2024 20:02:18 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716321737&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ArhceuuzUCcFnnM5qotf29F4n2EBCTxObts%2F%2BM0QQnQ%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716321737&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ArhceuuzUCcFnnM5qotf29F4n2EBCTxObts%2F%2BM0QQnQ%3D
server: cloudflare
via: 1.1 vegur

OPTIONS
H2 200 view
mgln.ai/ Frame 0
0 175ms
118ms Preflight 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgln.ai/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 887729cdca1703d8-FRA
content-length: 0
date: Tue, 21 May 2024 20:02:17 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716321737&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ArhceuuzUCcFnnM5qotf29F4n2EBCTxObts%2F%2BM0QQnQ%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716321737&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ArhceuuzUCcFnnM5qotf29F4n2EBCTxObts%2F%2BM0QQnQ%3D
server: cloudflare
via: 1.1 vegur

POST
H2 204 view Show response
mgln.ai/ 0
96 B 116ms
115ms XHR
text/plain 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/view

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716321738&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Yv5JFjJthUShYZqJhWvewte8ic2DlqpTWRkkpLAmYAc%3D
x-request-id: a0ff33b7-bc82-4b7d-a26e-7d3f823b5d08
x-runtime: 0.003178
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716321738&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Yv5JFjJthUShYZqJhWvewte8ic2DlqpTWRkkpLAmYAc%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 887729cecfee6910-FRA

POST
H2 204 view Show response
mgln.ai/ 0
382 B 79ms
67ms XHR
text/plain 2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/view

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716321738&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Yv5JFjJthUShYZqJhWvewte8ic2DlqpTWRkkpLAmYAc%3D
x-request-id: 672875ea-a7a5-41c5-af75-30d43f88b535
x-runtime: 0.005811
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716321738&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Yv5JFjJthUShYZqJhWvewte8ic2DlqpTWRkkpLAmYAc%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 887729ce9f966910-FRA

GET
H2

200

pixel
eu.mgln.ai/
Redirect Chain

https://mgln.ai/pixel/sync.gif
https://pixel.tapad.com/idsync/ex/receive?partner_id=3365&partner_device_id=fd19026b-af77-4284-bd02-da289481e9ad&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3365&partner_device_id=fd19026b-af77-4284-bd02-da289481e9ad&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D
https://eu.mgln.ai/pixel?tapad_id=3af2a101-753b-48ea-be89-6ce6fd205c9a

43 B
297 B

98ms
78ms

Image
image/gif

2606:4700:20::681a:3b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.mgln.ai/pixel?tapad_id=3af2a101-753b-48ea-be89-6ce6fd205c9a

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Server

2606:4700:20::681a:3b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-transfer-encoding: binary
content-disposition: inline; filename="magellan_pixel.gif"; filename*=UTF-8''magellan_pixel.gif
content-length: 43
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716321738&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Yv5JFjJthUShYZqJhWvewte8ic2DlqpTWRkkpLAmYAc%3D
x-request-id: ac67c630-6dd8-4940-818c-de56ff33d28b
x-runtime: 0.001409
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a065920df8cc4016d67c3a464be90099"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716321738&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Yv5JFjJthUShYZqJhWvewte8ic2DlqpTWRkkpLAmYAc%3D"}]}
content-type: image/gif
vary: Origin
cache-control: max-age=0, private, must-revalidate
cf-ray: 887729cf28646910-FRA

Redirect headers

date: Tue, 21 May 2024 20:02:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://eu.mgln.ai/pixel?tapad_id=3af2a101-753b-48ea-be89-6ce6fd205c9a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame A961 3 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814067
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="khOwWAMQKng0onPPfJyIvRUf9O7omusrMPf5ydqyGBU9nEVmpMMI5Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: khOwWAMQKng0onPPfJyIvRUf9O7omusrMPf5ydqyGBU9nEVmpMMI5Q==

GET
H2 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame A961 36 KB
0 2ms
2ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="vTyp8zqQ0SPLq_SVBiWNeRHoPgXu_Kdg9BkaJA0cKHIbkNObPTVIfg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vTyp8zqQ0SPLq_SVBiWNeRHoPgXu_Kdg9BkaJA0cKHIbkNObPTVIfg==

GET
H2 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame A961 37 KB
0 3ms
3ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BPZeNhmL1DmaiEcUUZ-PkA0pyciexpCQdcJHN4_ft4Lpuy2Bb_Wsyg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BPZeNhmL1DmaiEcUUZ-PkA0pyciexpCQdcJHN4_ft4Lpuy2Bb_Wsyg==

GET
H2 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame A961 69 KB
0 3ms
3ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="czEidQsq7ZDjTnQc5yGLeZk701-La28HWC0Nx62BZSvXrP5eMKC3Uw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: czEidQsq7ZDjTnQc5yGLeZk701-La28HWC0Nx62BZSvXrP5eMKC3Uw==

GET
H2 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame A961 45 KB
0 3ms
3ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="JguEU9WfCNFHGekaKAZZIp3_88sbz2G2QAcSdLVpoSOC9DssrOvqnA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JguEU9WfCNFHGekaKAZZIp3_88sbz2G2QAcSdLVpoSOC9DssrOvqnA==

GET
H2 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame A961 24 KB
0 4ms
4ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="MEfCrIwHLFEzVxnYPtscL55730WmxYugYatbDWrBhrT_imVDI5veaA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MEfCrIwHLFEzVxnYPtscL55730WmxYugYatbDWrBhrT_imVDI5veaA==

GET
H2 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame A961 25 KB
0 5ms
5ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="ei0aOKKrcmGetnp2Qd-w2KKQRiuXgcWXqFFJzMKklIhHto1UlX9wIQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=12
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ei0aOKKrcmGetnp2Qd-w2KKQRiuXgcWXqFFJzMKklIhHto1UlX9wIQ==

GET
H2 200 wkMxGLA0wVGsaSgWt2doW86Zic.png
framerusercontent.com/images/ Frame A961 31 KB
0 7ms
7ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wkMxGLA0wVGsaSgWt2doW86Zic.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: ba6827ad-aabc-411e-9dc2-dfa723dd0780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="ArJOl01e-mXHHUhhhR9zQHmqnYeXQ59p9BQ6R1FvnS67Q3JuDqtykQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=12
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-644b15642b1ea7fc78e9b405;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ArJOl01e-mXHHUhhhR9zQHmqnYeXQ59p9BQ6R1FvnS67Q3JuDqtykQ==

GET
H2 200 UPxnowvsa2Fbt3lp5oDDFXRjROc.png
framerusercontent.com/images/ Frame A961 32 KB
0 7ms
7ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/UPxnowvsa2Fbt3lp5oDDFXRjROc.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:05 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14338092
x-amzn-requestid: e03300e0-9cad-43fc-8ab6-de726d6b5f30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="OA4b_rhGHHv9M6XGlMTRWKXLir2-UgyB3zLGyxdlT4W2afJRvcBJxA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=14
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-765ffb934b7dbe1f748e348d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OA4b_rhGHHv9M6XGlMTRWKXLir2-UgyB3zLGyxdlT4W2afJRvcBJxA==

GET
H2 200 2Zx97veGwo826dqlIbR2hMKiY.png
framerusercontent.com/images/ Frame A961 85 KB
0 7ms
7ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2Zx97veGwo826dqlIbR2hMKiY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Dec 2023 23:57:38 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14501079
x-amzn-requestid: c6578a5d-2b8c-483a-ac9d-b78066b234a7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="IAxYMee5ZfU2HCqBtSsY716GLQbjz7tdv-zqi9DQ1FgfdlTGY3MA3g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-656fb8f2-1a3284985a17b98d6b56e9b6;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IAxYMee5ZfU2HCqBtSsY716GLQbjz7tdv-zqi9DQ1FgfdlTGY3MA3g==

GET
H2 200 i6iRuC8inkOu49dyb2cMx7KLX9o.png
framerusercontent.com/images/ Frame A961 32 KB
0 7ms
7ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/i6iRuC8inkOu49dyb2cMx7KLX9o.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:04 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14338093
x-amzn-requestid: d1276dde-ce3c-43b3-bdf2-19fb56353b67
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="wOds-g7keFTdjN-GJyqTLrjBZhhpCg0YLl5gDBXCZ4VoYhkld3VpSQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=15
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-6d94249e4d78cc9c47e01d91;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wOds-g7keFTdjN-GJyqTLrjBZhhpCg0YLl5gDBXCZ4VoYhkld3VpSQ==

GET
H2 200 4Um58dLygSHRrlUbzVAaCiPfHeE.png
framerusercontent.com/images/ Frame A961 61 KB
0 7ms
7ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Um58dLygSHRrlUbzVAaCiPfHeE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 02:47:41 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13713276
x-amzn-requestid: 76e437ee-349e-4296-8605-83da030eb99b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="-swfkuU3U6sntib9B6hiPiUaGNlIbpUxzyI-Om4lvpXXOdCOfbK8pA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=16
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657bbe4d-6fba888c030366654cd8e9e2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -swfkuU3U6sntib9B6hiPiUaGNlIbpUxzyI-Om4lvpXXOdCOfbK8pA==

GET
H2 200 OwD5vj1mJJkrw8fQ4TLBsZu7VY.png
framerusercontent.com/images/ Frame A961 67 KB
0 7ms
7ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OwD5vj1mJJkrw8fQ4TLBsZu7VY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814055
x-amzn-requestid: 78b339dd-e4b5-456c-bb1c-74370a5115ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="SjS1R7rnj-fKxX4zlJt1qmbLZPq_UZNTr57_fWml5jxh7aQ_-usvxw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=17
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-47094d6076a345a112379c31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SjS1R7rnj-fKxX4zlJt1qmbLZPq_UZNTr57_fWml5jxh7aQ_-usvxw==

GET
H2 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame A961 39 KB
0 8ms
8ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

64ee05b98a022eb8e7c5f531342a77e8265378f08c4665c90e0b0ca953373b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814057
x-amzn-requestid: ac6a76f4-935a-4fe5-8b35-27cf98ada30c
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BGoEY-voCT3cyDWENiHboaH3eDadyLkyZZlKil9tVzbJXZ60eCsIdQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-5adfee7741d945b93610ede9;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BGoEY-voCT3cyDWENiHboaH3eDadyLkyZZlKil9tVzbJXZ60eCsIdQ==

GET
H2 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame A961 14 KB
0 8ms
8ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814057
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="scVqfWlmfdVVOEb6CSfQuVuH5OrEc7GhLYIhGX-MWvQ7zXUDsROf0A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: scVqfWlmfdVVOEb6CSfQuVuH5OrEc7GhLYIhGX-MWvQ7zXUDsROf0A==

GET
H2 200 6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ Frame A961 214 B
0 12ms
12ms Image
image/svg+xml 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jul 2023 10:01:00 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 27424877
x-amzn-requestid: cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="d4EO-U-4o0vPWECVFpuA6QBZxFUvgzm_nYh_yoJX4RT0Wn-HKxCzYQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: d4EO-U-4o0vPWECVFpuA6QBZxFUvgzm_nYh_yoJX4RT0Wn-HKxCzYQ==

GET
H2 200 11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ Frame A961 215 B
0 12ms
12ms Image
image/svg+xml 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 12:09:35 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14889162
x-amzn-requestid: f927c207-5d43-4a31-84ec-0d06d0c63c6a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BCfcPtpU7fbFFXwd6KGeza1Orwo8ei0XXPanekbclBykqAbCXN0fsQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6569ccff-42414f1e2713071463b83623;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BCfcPtpU7fbFFXwd6KGeza1Orwo8ei0XXPanekbclBykqAbCXN0fsQ==

GET
H3 200 xCQC3Wupbo8m3lPpUkDhzX5YD4.png
framerusercontent.com/images/ Frame A961 61 KB
61 KB 38ms
31ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/xCQC3Wupbo8m3lPpUkDhzX5YD4.png?scale-down-to=1024

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 08:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 16199759
x-amzn-requestid: 9b6a1016-27a4-4c1c-bf6c-4dd5244f6e72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="v3Ao0dvxVq5zSwXHpqMuZoQJQCKe4KDqfpC6F4U2A1Hl56dSfK55Fg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6555cd7a-72716d0321980bee33a7f28e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: v3Ao0dvxVq5zSwXHpqMuZoQJQCKe4KDqfpC6F4U2A1Hl56dSfK55Fg==

GET
H3 200 7dgusnBALjfsS0yucyysUvo9a8o.jpg
framerusercontent.com/images/ Frame A961 97 KB
97 KB 44ms
37ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7dgusnBALjfsS0yucyysUvo9a8o.jpg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 7695980
x-amzn-requestid: f79f9e01-484c-4a08-bdbc-c2fddeffb140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="i_ykcIds80DL3OH_w99rjeK-fam4Cw8UsRS9t2GLDTs9MJ-X2QnTNA==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65d78f5d-62e6045614e49c90304ec543;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: i_ykcIds80DL3OH_w99rjeK-fam4Cw8UsRS9t2GLDTs9MJ-X2QnTNA==

GET
H3 200 NI61TIlpX6TJbklIpHSie2tEpGE.png
framerusercontent.com/images/ Frame A961 65 KB
66 KB 46ms
40ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NI61TIlpX6TJbklIpHSie2tEpGE.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 Nov 2023 10:28:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 15240824
x-amzn-requestid: 413005f5-e144-4729-aaee-163700256cfb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="GRiMODlhMvarUjpcszQ44hw2VEZ1UxbKS2Drz-Pnx4nUFvM_T5PFZw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65646f51-5dc48f8225829ec367f04792;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: GRiMODlhMvarUjpcszQ44hw2VEZ1UxbKS2Drz-Pnx4nUFvM_T5PFZw==

GET
H3 200 emCFcnwNiMYScIxwr45IJOzQLg4.png
framerusercontent.com/images/ Frame A961 5 KB
6 KB 43ms
36ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/emCFcnwNiMYScIxwr45IJOzQLg4.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b7b8ac25904dcb445701b5d1efa127727723d8d9e7f440457f12ca5d3b26c9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4148031
x-amzn-requestid: 75f1e76e-20fc-4823-8017-c428c2130abc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="kwB-Ine7IIHbnMBGckEFRcWPUc6dO34LGfigZitG47Mw-BNB9bTDiw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db289-383c080d3bfe679a0b020e02;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kwB-Ine7IIHbnMBGckEFRcWPUc6dO34LGfigZitG47Mw-BNB9bTDiw==

GET
H3 200 B2j04d4DELSVPqW3pu2DeFzMZU.png
framerusercontent.com/images/ Frame A961 5 KB
6 KB 36ms
29ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/B2j04d4DELSVPqW3pu2DeFzMZU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b27e2ff6dcd76549f2f66acf69dbcc8a5dcc53af127a14ac4e5d33adcd18cde7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4148015
x-amzn-requestid: b23c1655-2496-4d6d-ba25-b5575ea0ccd8
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="XO94qJV7tBEWzRJMsYoxhhzgYIdqheTUktf4vI1Ghipbca4y75V80A==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db299-77502d3d29d3b3ed0817ab4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XO94qJV7tBEWzRJMsYoxhhzgYIdqheTUktf4vI1Ghipbca4y75V80A==

GET
H3 200 f2fwl12tvW9YGosVlJxHf8yLgk.png
framerusercontent.com/images/ Frame A961 5 KB
6 KB 42ms
35ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/f2fwl12tvW9YGosVlJxHf8yLgk.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4fd7bdd78f1e54f45a4a21f57679cb6fdf3aee47a8d71dd8852a4193eb9c4b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4147969
x-amzn-requestid: e9e15c28-6c87-4076-9450-45e5a8522d05
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="78Yk5QEPSnDT4OsPHFYXFSiXVTXHP-0RC9nBPrwX5Ew5jG3rlORqUw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db2c6-198fe3572d1549c7708610ba;parent=7e93a6060e332e86;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 78Yk5QEPSnDT4OsPHFYXFSiXVTXHP-0RC9nBPrwX5Ew5jG3rlORqUw==

GET
H3 200 XjelGy0AgZXWBtmYgQFM6So2cZU.png
framerusercontent.com/images/ Frame A961 25 KB
26 KB 46ms
39ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XjelGy0AgZXWBtmYgQFM6So2cZU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 17:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 20397863
x-amzn-requestid: c346a2e6-eb2d-43fb-9561-2d4dd1b33b36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="a3_DgSFoGOlHjhQrAO7p5DcRXZRVTmakgPXktcrtNjqwVFtfT2QmKA==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515bea2-249c5b1462b996922d6bdf1c;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: a3_DgSFoGOlHjhQrAO7p5DcRXZRVTmakgPXktcrtNjqwVFtfT2QmKA==

GET
H3 200 ViCoXi9FWxoh8GjbX1a14g7pZX0.png
framerusercontent.com/images/ Frame A961 13 KB
13 KB 44ms
37ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ViCoXi9FWxoh8GjbX1a14g7pZX0.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e87381db0061a8a04fd758811bef1906a0f760d8de5bbde1c25f7a7bccdf7f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: d01e4eb0-6340-474b-80c0-55b1115de58d
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="p9x-gUWLABxLyKGQ6xxIuwR3q6oGWR3cN-q5-tZBOJBe5OVatwnsfg==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-2f26307d46f6186b2c4f1c6f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: p9x-gUWLABxLyKGQ6xxIuwR3q6oGWR3cN-q5-tZBOJBe5OVatwnsfg==

GET
H3 200 8ibs6KgHYOJb6Y4lzhBQsszTRc.png
framerusercontent.com/images/ Frame A961 3 KB
4 KB 43ms
37ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/8ibs6KgHYOJb6Y4lzhBQsszTRc.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10bd3d0e3bef262fe02d35fa3c3153a291e8d8c88625ef4c23882006270f76e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: ffd0bfc1-7f2f-4fc7-9acd-1f5586c76ef5
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="FWsFNsqWkZNI79KCXEOH_krSuQzr1UfX4Gv_AspiXpi-9BqOC5Qt9w==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-03e2c9b96a32f4f633f203de;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: FWsFNsqWkZNI79KCXEOH_krSuQzr1UfX4Gv_AspiXpi-9BqOC5Qt9w==

GET
H3 200 MxRklazzy1Emai1IjUOn2ORYq8.png
framerusercontent.com/images/ Frame A961 3 KB
4 KB 50ms
43ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/MxRklazzy1Emai1IjUOn2ORYq8.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

65b1970ad0056e9f872f541b8684eaac58af3f4e6af9e8cc46dbba0547aa12f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 9cd05eb4-56cd-4d14-b26b-e05bd67413ad
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="JEcJgd2yehug4AlTN18CHpHsyrFlUUmVaHYssW_YrCQf-SSZSFQl9w==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-59c8d8ec74b1187037153698;parent=41ead940dd0ae5a0;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JEcJgd2yehug4AlTN18CHpHsyrFlUUmVaHYssW_YrCQf-SSZSFQl9w==

GET
H3 200 wiRNqk3Xr49CYkBPQk79io2TT1g.png
framerusercontent.com/images/ Frame A961 5 KB
6 KB 51ms
44ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wiRNqk3Xr49CYkBPQk79io2TT1g.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4242cb0d811aa58c2c1346e393e3f32eabeea6a8b111505ba9d455c519af0a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 88b07d04-c4a8-44bb-840f-bdf84f29aeb9
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="xoU1mi_g8--2Lx4tjCN6mBWjXMC1GaJh_5nL1nV6P6qmpSiF_TKfdg==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-26424c4d5df73fe80d2cad86;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xoU1mi_g8--2Lx4tjCN6mBWjXMC1GaJh_5nL1nV6P6qmpSiF_TKfdg==

GET
H3 200 5JsrF9pUWaXrgy50k6xEWQpJoxA.png
framerusercontent.com/images/ Frame A961 15 KB
15 KB 48ms
41ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/5JsrF9pUWaXrgy50k6xEWQpJoxA.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

351ec7eaa47a100223c28f83fcc130fcc711cd585cffcb2e5a13c7aa8c7797e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:19:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146181
x-amzn-requestid: 35fcf2c5-9113-4835-87c2-1e3607d7236e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DFi5rzGl-MryffHOjrmlVoE6MlsdvieP40IpsxftiJSZNcnfmQsiZw==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db9c4-7ddc3b4d0ce00a876eb737c8;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DFi5rzGl-MryffHOjrmlVoE6MlsdvieP40IpsxftiJSZNcnfmQsiZw==

GET
H3 200 ftPWeWr9bdX4s1UGa0CgDGwo6Q.png
framerusercontent.com/images/ Frame A961 6 KB
7 KB 46ms
39ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ftPWeWr9bdX4s1UGa0CgDGwo6Q.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8e8aeadc29c7a5c988fd6d12f6e2ab09da8e7c266eb92662c88e5485f7ca6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 0e9e4021-dc89-4725-ac4b-63158ac32908
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="cN6EbvCErUFEpuyd2IOfcM4fRDYLPbQF6uC8rHG-liU_zBzwuZ1JlA==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-616f85da7187310d38aa6717;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: cN6EbvCErUFEpuyd2IOfcM4fRDYLPbQF6uC8rHG-liU_zBzwuZ1JlA==

GET
H3 200 aFXvQ8tvchAhSy28xtqLwAcc.png
framerusercontent.com/images/ Frame A961 9 KB
10 KB 51ms
44ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/aFXvQ8tvchAhSy28xtqLwAcc.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dc36791a319faca1216172316a62bec25a815789c703e22ca883a6754d60b69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: d3c0b3f9-51c2-442f-8e18-fa888d4c166f
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="6dVLpGCTaSl0c-U_G0aQRrdquF585EE_9Y3N52T2_w82F5wNmcKoHw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-3a55b3a21e01caea5d57d28d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6dVLpGCTaSl0c-U_G0aQRrdquF585EE_9Y3N52T2_w82F5wNmcKoHw==

GET
H3 200 Fi5WiSlR8pQgUTvWiBx9llcchmY.png
framerusercontent.com/images/ Frame A961 2 KB
3 KB 50ms
43ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Fi5WiSlR8pQgUTvWiBx9llcchmY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8c1a0ce4d216e8ebccf87693a96b6cddf4f7d72cdfe4d87c1dea22e9b5591e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 38306c3b-1cc1-4d11-bdfe-f7e4591a8eab
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="zK3743pj9Nct5OsmRG2geezo0KfO2onhHgfi16HPNVQBwmpCzb1zqw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-526d969e22cb279224fafd03;parent=34734ef8c377a80b;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zK3743pj9Nct5OsmRG2geezo0KfO2onhHgfi16HPNVQBwmpCzb1zqw==

GET
H3 200 Ax6NHsTfN0grr4AHyWTy2Sz2RI.png
framerusercontent.com/images/ Frame A961 9 KB
10 KB 51ms
44ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Ax6NHsTfN0grr4AHyWTy2Sz2RI.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b5701c4d14b0fc7c3b9376cb94170a68ec73407bd51f1fe168430e37fec2b32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 3e6905e1-af53-4cd5-a73a-766e60fce23e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="ID-M6EXguHLWjnDgViC5iSxK9Tn1LwHimJHEkggLEC0UZepl_eWgww==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-43e8761e72276c392c206454;parent=5ef6032e39bfdbfd;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ID-M6EXguHLWjnDgViC5iSxK9Tn1LwHimJHEkggLEC0UZepl_eWgww==

GET
H3 200 8WJAm6JhDhA9oa7JjDgElrhOiQ.png
framerusercontent.com/images/ Frame A961 10 KB
10 KB 60ms
53ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/8WJAm6JhDhA9oa7JjDgElrhOiQ.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a3c77088d19884e2cb7401a2e9972e357ebb263d905e098014220aeed999815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 5cf4f05e-68c7-4c04-bb92-72a6d5f0441c
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="gfLdz6Cz_DmFCsoKsGbHlPcbPc28YHYKIuid9aaLujNyqpIThB3Oow==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-5014c2ca11b926b03e287a93;parent=4d7a1a7c792d3cf1;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gfLdz6Cz_DmFCsoKsGbHlPcbPc28YHYKIuid9aaLujNyqpIThB3Oow==

GET
H3 200 o5yryGY3RMxXyiyQyqeuPPxOz60.png
framerusercontent.com/images/ Frame A961 12 KB
12 KB 62ms
56ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/o5yryGY3RMxXyiyQyqeuPPxOz60.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a80765e705635ab8f3f4ca137d925f2958a21147effb88c80e3b9e300ff9129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 46637bc1-f1c0-4eff-b80e-a01d1c83c945
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="JM8mbYA6TBtgpsrtcbxmd5Lc0IrxKZfyiunYOYkAhxyJA04JYVmG5A==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-51cb383a23a022e62f06d847;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JM8mbYA6TBtgpsrtcbxmd5Lc0IrxKZfyiunYOYkAhxyJA04JYVmG5A==

GET
H3 200 9ak0DxXbaVM1VoMTeIMa99JiKI.png
framerusercontent.com/images/ Frame A961 13 KB
14 KB 51ms
44ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/9ak0DxXbaVM1VoMTeIMa99JiKI.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cb5af3540ca60d5b611ff32706a636ed017b8b94ff154cec81b1a6144def5b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: e49d56ed-c89a-4122-9542-dae82d2ce91a
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="f2xSE97ir7cF5HbTVTA7ohV1GCpZVe2EbI6AlD2DXY0zJGgkx00rUQ==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-496ea6cd7b9df6fc35f1ae5a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: f2xSE97ir7cF5HbTVTA7ohV1GCpZVe2EbI6AlD2DXY0zJGgkx00rUQ==

GET
H3 200 hnIi4P7pdlJAXqbv27Bue7JEr2k.png
framerusercontent.com/images/ Frame A961 4 KB
5 KB 62ms
56ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/hnIi4P7pdlJAXqbv27Bue7JEr2k.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9a5fac4171ae0fa4e6253a625c99f72b75949f1ebde08b51108f26923d51be43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 387e7d12-7391-4a3d-9de5-6dc02dcecac0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="wfB0EPVy3wAoEw4SjhESaShYhHU97aGbMo_Of4CuyltXBbOzJug-DQ==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-093bda40237ba4fd282d5175;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wfB0EPVy3wAoEw4SjhESaShYhHU97aGbMo_Of4CuyltXBbOzJug-DQ==

GET
H3 200 wlTHpTUu4ykBMBG21EX0CERes.png
framerusercontent.com/images/ Frame A961 11 KB
12 KB 64ms
57ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wlTHpTUu4ykBMBG21EX0CERes.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5733d9bc8e680afc43dd30cafe37543fd63da220a1472c63c126a43896d29247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: 740e1468-d462-4477-a353-e374bc3e36e0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="3gWegbeCONaeX5v30BHIVZRmHclizJDat36CWFdwYkPE_W2AWVt4fg==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-744060b15d09108e4111b709;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3gWegbeCONaeX5v30BHIVZRmHclizJDat36CWFdwYkPE_W2AWVt4fg==

GET
H3 200 pMOoQGEce2gdLvB4HZNfsf4sY.png
framerusercontent.com/images/ Frame A961 10 KB
11 KB 64ms
58ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/pMOoQGEce2gdLvB4HZNfsf4sY.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

770c4939f53c96cccac5b0e25ed133940e3d731cfd7c6567e3415e4fa6f66002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: 112cbf87-6183-4300-bd3b-e9d5a6080319
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DpN-E64iO-rRKKeGEQYxlyR7zg7jWw6yGe1Gr9zr-6CwxRNfgebM4g==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-257e295850b9ea1d6b049c28;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DpN-E64iO-rRKKeGEQYxlyR7zg7jWw6yGe1Gr9zr-6CwxRNfgebM4g==

GET
H3 200 GqxnFscgQXWBc0FTLQUcBVmIfV8.png
framerusercontent.com/images/ Frame A961 12 KB
13 KB 64ms
58ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/GqxnFscgQXWBc0FTLQUcBVmIfV8.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1462a6870c6180f472f6a9740ab8e38dee1bc0c467871e1e32e433806320b4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: 4eeffb6a-23dc-4897-bf51-367a8f3f6fbf
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="3-Ra9-Kj4siIG5OxKoRGm0IC8u0I5Vc19F98NNec2JHoGsrfw7-wjg==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-1f4926595178469236cb7a7a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3-Ra9-Kj4siIG5OxKoRGm0IC8u0I5Vc19F98NNec2JHoGsrfw7-wjg==

GET
H3 200 eODr1NJCd9NMOsg3WpToY6znD0.png
framerusercontent.com/images/ Frame A961 15 KB
16 KB 64ms
58ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/eODr1NJCd9NMOsg3WpToY6znD0.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9164300fd0eeac414cbba5c13af67cecac3685ffc4fa1f18e582056d46490487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: 26e63173-cda4-4116-b7f9-6b3df5b70d29
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="e-PM7XNoxzpr0uYx6nzMxN58wNq5aXbu8SawdFdfqxDG_jmx_Q2LwQ==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-787743b1177b9d017868a88e;parent=382592e15e444519;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: e-PM7XNoxzpr0uYx6nzMxN58wNq5aXbu8SawdFdfqxDG_jmx_Q2LwQ==

GET
DATA 200
OK truncated
/ Frame A961 729 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da70c773cd3a8d489bad7c03fb89b63053843aa52c0545749df089a08e64f78f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2086fef391221a13d759836370ef5bae70c15e1389eb6504dc3a31c987e0a88

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db9c28d70f03728ad94c11d34cea446ed992aaa6167344d3eb362379f7fdaaf0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 777 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff54e9b2209db7e90df95ee8523a1176d4c14d06b413cc817dfbbda6d64a03e1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a61375e44fd14535935364ba62f844371eb9fb77ad0e4437720086719fa0da7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 319 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d9df2764c7d56ded13faf14e7235e19ae3232be0f54e8ddd60ed76e6339f3af

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52ea1136d79c3a7ebe4f345fdec565e4bac855aeb6ae4dafb54b7b7f29edb881

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 743 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e12cb695307b2703bce81c01aaeaf24cf0aa0602c8307458ea4f117719fb6ac

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188768601044fa9d36f7e8318b53e650a64fb03b28c2b04eb8b99facdadce63e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa7e514331c85e2bff2ab629fc901146eaec70a8fbfd84ee6dc9242dbb9d0030

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A961 645 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8dee9ad499fb9b623de94c004b284d5529c842c2822340d4ad2f2f8f44968c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 PeV1BiYkQUoBq9a4xHPOFZaIKs~OYvKke6pEo6tZJDWeo6LVWQ-3rkTs09Fc-ShUEf3Zww.ttf
framerusercontent.com/modules/assets/ Frame A961 104 KB
48 KB 31ms
31ms Font
font/ttf 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/assets/PeV1BiYkQUoBq9a4xHPOFZaIKs~OYvKke6pEo6tZJDWeo6LVWQ-3rkTs09Fc-ShUEf3Zww.ttf

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9e16d83a2c1724e2cbfd819c46e35e26b7911de8678342fc0d6a00e277764306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 19:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 433772
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="OpevF0pEk-hgkO3RDtm3e71y7ptQefRK8FzSllBeJnbiZf5zLyE8jQ==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-frame-options: deny
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: OpevF0pEk-hgkO3RDtm3e71y7ptQefRK8FzSllBeJnbiZf5zLyE8jQ==

GET
H2 404 terms
www.biltrewards.com/ 29 B
0 971ms
963ms Fetch
text/html 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/terms?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
date: Tue, 21 May 2024 20:02:18 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS, MISS
cross-origin-resource-policy: cross-origin
x-imgix-id: e5da12155173c50a22a980f9c8fe3f07af69d5ff
x-status: MISS
content-length: 29
x-xss-protection: 1; mode=block
x-served-by: cache-sjc1000123-SJC, cache-ams21050-AMS, cache-fra-eddf8230045-FRA
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::dclll-1716321737972-c7ab52e6fce6
vary: Accept-Encoding
content-type: text/html,text/html
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
cf-ray: 887729ce68589010-FRA
timing-allow-origin: *

GET
H3 200 en.json Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/ 8 KB
2 KB 52ms
51ms Fetch
application/json 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/en.json

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f451ccd1b82076cdf339b4c512eb3363a898c580776fe8e2a4242ffea352b4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16550
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"deeec53da2118f7d45f432e74ecef857"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729ce4b7f37f7-FRA
expires: Tue, 21 May 2024 20:03:17 GMT

GET
H2 404 bilt-platform-terms-of-use
www.biltrewards.com/terms/ 29 B
0 712ms
707ms Fetch
text/html 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/terms/bilt-platform-terms-of-use?_rsc=1wlmf

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(root)%22%2C%7B%22children%22%3A%5B%22p%22%2C%7B%22children%22%3A%5B%22homepage%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Next-Router-Prefetch: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url: /p/homepage
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
date: Tue, 21 May 2024 20:02:18 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS, MISS
cross-origin-resource-policy: cross-origin
x-imgix-id: aa9b4b7f5e1b3fdc5ed0f41e425a78a2c34c6237
x-status: MISS
content-length: 29
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10021-SJC, cache-ams21047-AMS, cache-fra-eddf8230077-FRA
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::4ncz9-1716321737976-7e1d8a298dc3
vary: Accept-Encoding
content-type: text/html,text/html
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
cf-ray: 887729ce7e4a9f4c-FRA
timing-allow-origin: *

GET
H3 200 yhcjbBUdWKuI5ee25BmmDwVlQ.png
framerusercontent.com/images/ Frame A961 3 KB
4 KB 37ms
34ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/yhcjbBUdWKuI5ee25BmmDwVlQ.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a05264144271a335fb2ba344835479c8b97cca952f010b9cb8c2d3917abfa50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:25:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4149380
x-amzn-requestid: 880339d6-3db5-4cff-922c-9d784925e18a
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="5LvpTT8Pzi3Lyz5igCLY9PMY2uk9IxBdRWg_dysx4spU0simgANPhQ==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad46-14e9b9a6208a1250783bd69a;parent=3ee3c348b457ba85;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5LvpTT8Pzi3Lyz5igCLY9PMY2uk9IxBdRWg_dysx4spU0simgANPhQ==

GET
H3 200 uMy6gIwSwWrVGDsXDGVWHHKzYEE.png
framerusercontent.com/images/ Frame A961 3 KB
4 KB 37ms
34ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/uMy6gIwSwWrVGDsXDGVWHHKzYEE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

45c345166436583f0abd394d710d9eeaa329108cdd1a3f09556192d38227cf54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4149375
x-amzn-requestid: 614a176e-58c0-4338-a7f0-8da006b9677e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="OjBsTNDNB03AK03wnw-fWv2BQ5RxxYNfjfxM-PdZ5XN3RXGZjS847w==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-01d684fc19c54c0573d4a145;parent=592f8614859ed3a8;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OjBsTNDNB03AK03wnw-fWv2BQ5RxxYNfjfxM-PdZ5XN3RXGZjS847w==

GET
H3 200 NRqZdfp0sRwRZ2mBC3XB3MGG4.png
framerusercontent.com/images/ Frame A961 2 KB
3 KB 37ms
34ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NRqZdfp0sRwRZ2mBC3XB3MGG4.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7fcb5ce28fc78270827a658038cdbd41ccfd7046c1e2a5722c745f6a41fbcb56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4149375
x-amzn-requestid: a72a37c2-8d1f-4b7c-a9c6-36928c59ecf1
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="39GvXgwhmYU3rVW7teyQkaPPIGA8z3EebjaMO9uC40HE1VCV9qUDFw==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-14fb96f06813c3ab16d39a6a;parent=0473473adef448a2;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 39GvXgwhmYU3rVW7teyQkaPPIGA8z3EebjaMO9uC40HE1VCV9qUDFw==

GET
H3 200 c8bJ9cJNZu0SSI90azRcdddA.png
framerusercontent.com/images/ Frame A961 3 KB
4 KB 37ms
35ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/c8bJ9cJNZu0SSI90azRcdddA.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d5d57d912d1e17d9db264a07b64a6a3ed4265303e1d73c542ec3cc2d1ef672c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4149375
x-amzn-requestid: f067016b-8a63-4afe-b438-64a09037f935
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="UueaTbeJAZOgjd1v6NVDkk6NQkhert13G72-J4INyIk2yiO2Ls5T4g==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-081a6b1244d6a917705fe4fb;parent=1f92f6a054dbf007;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UueaTbeJAZOgjd1v6NVDkk6NQkhert13G72-J4INyIk2yiO2Ls5T4g==

GET
H3 200 PJj4RY5yFu6gqPz485dMfCclbxQ.png
framerusercontent.com/images/ Frame A961 16 KB
17 KB 34ms
31ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PJj4RY5yFu6gqPz485dMfCclbxQ.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cc05f6874071cc404007806efb2cfedefe4b82aca5469dfaf9c5cc3720d91347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4149293
x-amzn-requestid: 55909a7d-6c51-45ee-abca-67c8443054bc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="IhuL8sPdgoRxN9M90XvsXgKt0tmDfKDBbFNq8bi7fovdsmTaR8d-Qw==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad9c-782eb4a7627511237e817f9f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IhuL8sPdgoRxN9M90XvsXgKt0tmDfKDBbFNq8bi7fovdsmTaR8d-Qw==

GET
H3 200 gMGCZacBG9NmOgMr0vAlUWzMM.png
framerusercontent.com/images/ Frame A961 2 KB
3 KB 34ms
32ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/gMGCZacBG9NmOgMr0vAlUWzMM.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6c7105dd948f39cf942552d784adc2784ae2ab999863706fd3f79ec370906ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4149375
x-amzn-requestid: 955649e1-5ec9-4dac-a9a5-59b23b6abde1
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="BVh-yabwXIs-SESaBIwd6E5xLkRFxGObqifNuDRErZizuvZdip4-2w==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-639593ed4cbcf0391b54d492;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BVh-yabwXIs-SESaBIwd6E5xLkRFxGObqifNuDRErZizuvZdip4-2w==

GET
H2 200 schemaFilter.0bcede992f41573b.js Show response
www.biltrewards.com/_next/static/chunks/ 8 KB
5 KB 34ms
34ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/schemaFilter.0bcede992f41573b.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-8714ed4b17298ec9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d9330d7b5ed5d855dcee44b5e5bc3fddbe4b3a42d1e574096727442eb1b89ad6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:18 GMT
strict-transport-security: max-age=63072000
age: 1258
content-disposition: inline; filename="schemaFilter.0bcede992f41573b.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::fmm8r-1716321738158-01f1bd5eb63d
x-matched-path: /_next/static/chunks/schemaFilter.0bcede992f41573b.js
etag: W/"184fd4ad39164bac90c131bdbb5e5589"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 90ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QLSYZKSM0E&gtm=45je45f0v874427215z8863411406za200zb863411406&_p=1716321737115&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=350475638.1716321738&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716321738&sct=1&seg=0&dl=https%3A%2F%2Fwww.biltrewards.com%2F&dt=Bilt%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1825
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLSYZKSM0E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 21 May 2024 20:02:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.biltrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET t2_7lmxmkme_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 0
0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 74ms
22ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1716321738194&id=t2_7lmxmkme&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=db8be8c7-7dc7-4430-be2b-878f36db928c&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_a8bbbcc6&dpm=&dpcc=&dprc=
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame A961 74 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 12351627
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="jSNFONY5BVxOY4RTjb_2X-G_OltfQ8jNujz2ECTrxW5LDAL3dT5NUA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jSNFONY5BVxOY4RTjb_2X-G_OltfQ8jNujz2ECTrxW5LDAL3dT5NUA==

GET
H2 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame A961 176 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 12401127
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="lvQFDqPlJOHTwJCo9Oub1u7kBnT8eXyVOFBCMDJ0IuwDqsv8MZFLjA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: lvQFDqPlJOHTwJCo9Oub1u7kBnT8eXyVOFBCMDJ0IuwDqsv8MZFLjA==

GET
H2 200 Bxu6GY24oplllZd0X0beaOpeu1Y.png
framerusercontent.com/images/ Frame A961 33 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Bxu6GY24oplllZd0X0beaOpeu1Y.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 21:04:09 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 20386688
x-amzn-requestid: 47a703ad-c5a4-4663-a7ca-41b0215b5529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="EDdtCCEKljn3BTESXQcuoa6BLGGeZL6Oc4VVn9W0hhPRcJvDclmzTQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515ea49-22781c72779d140e4acf41d7;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: EDdtCCEKljn3BTESXQcuoa6BLGGeZL6Oc4VVn9W0hhPRcJvDclmzTQ==

POST
H3 202 page Show response
id.biltrewards.com/fsrelay/rec/ 87 B
108 B 161ms
161ms XHR
text/plain 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.biltrewards.com/fsrelay/rec/page

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.183.110.34.bc.googleusercontent.com

Software

Resource Hash

14196431302464b67035d3be26eb7dfb3b18e4d638a369d5ed6b4d4ebb4177b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.biltrewards.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87

POST
H2 200 TlbN1PqpZB Show response
api.userway.org/api/tunings/ 3 KB
3 KB 551ms
181ms XHR
application/json 2600:1f14:5db:eb00:491e:9f27:4143:4c40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/TlbN1PqpZB
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:491e:9f27:4143:4c40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 951900191b053b32fb1214b291f547f746c400c2c6c77e5b58165d89eb3d9fbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
etag: W/"b04-ltlffmc7P91hsgDzyhHvSo7PX7A"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usra8a0d0449344447
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2820
x-service-version: uw-pr

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 114ms
113ms Stylesheet
text/css 35.157.234.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.234.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-234-167.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1c8a4c256a82803e29912062ede9e76a92c20d4afbcdeaddce82ba13e4f7c484

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 21 May 2024 20:02:18 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 161ms
113ms Fetch
image/jpeg 35.157.234.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.234.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-234-167.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 21 May 2024 20:02:18 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

PUT error
conversions-config.reddit.com/v1/pixel/ 0
0

POST
H2 200 anonymous
events.framer.com/ Frame A961 0
0 425ms
425ms Fetch
application/json 13.32.110.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-73.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 May 2024 20:02:19 GMT
via: 1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amzn-trace-id: Root=1-664cfdca-31e4f1f91cce1cfd5746f5fc;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: b4de092b-5c3d-4631-aafd-f744f6245582
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: YIyXwHZuoAMEXfg=
content-length: 0
x-amz-cf-id: q2YB8dRzOsVifq3R07f8SgBabjdYXUqw14--VTtnEZ5sG7gTcB2BxQ==

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 416ms
348ms Preflight
application/json 13.32.110.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-73.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 21 May 2024 20:02:18 GMT
via: 1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront)
x-amz-apigw-id: YIyXtHrbIAMEZaQ=
x-amz-cf-id: zUSdQqjXX0dSexxvoWw2uWbV8tQ9ozyitpt0VxnG1ILAOHrJxfodqg==
x-amz-cf-pop: VIE50-C2
x-amzn-requestid: 0687c539-4e5b-48c1-99ad-cf5dddee3da9
x-cache: Miss from cloudfront

GET
H3 200 default_script0.E7H7JWSA.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame A961 2 KB
2 KB 27ms
27ms Script
text/javascript 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/default_script0.E7H7JWSA.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d3f5959fff3e61a5601ec4be106ee10515443a2ee8bdef22138d69836080d896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 19:15:12 GMT
x-amz-version-id: IV9ksZaGfwqf0mLVFH9cNYP8FZ7E2vnI
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
age: 3026826
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="MgX1nbM_aIRLDb3lJ-pmq4YjtNMO9cgmw6HSUteWGn9S--wct9i5vg==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Apr 2024 19:09:30 GMT
server: CloudFront
etag: W/"6741b6590eaf6fb0d2f42b90943e4b2a"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: MgX1nbM_aIRLDb3lJ-pmq4YjtNMO9cgmw6HSUteWGn9S--wct9i5vg==

GET
H2 200 widget.js Show response
cdn.userway.org/ Frame A961 2 KB
0 0ms
0ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a1dd919cb7b76ee7984bd8107f188d4fd04281690c50fcf0359503c3961be961

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 424
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 3419
x-accel-date: 1716318318
x-77-nzt: EgwB1GY4sQH3Ww0AAAwBJRPCNAH3HwAAAA
x-accel-expires: @1716321918
x-77-age: 3419
last-modified: Tue, 21 May 2024 12:47:22 GMT
server: CDN77-Turbo
etag: W/"756a9be22041dae5f94ea744c6805ab1"
x-77-nzt-ray: 1cb09c0ebe71b130c9fd4c6647604113
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: _1YgAAmxWcfxoJLdaMTaupbPpj4drIAYxVYk9ZNncO3E84bY5wl0aw==

GET
H2 200 main.MWJjYTQ0ZWY3MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 339 KB
99 KB 108ms
107ms Script
application/javascript 23.198.214.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G398RC77U9N0P9KPM0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.214.69 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-198-214-69.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7dc3e5fd5e17851f95608e44439d2d39c569b2faf640fd4e9d592ff64c781e60

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 4c688c43
date: Tue, 21 May 2024 20:02:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211400001673B1E357849A43489A
x-tt-trace-id: 00-2405211400001673B1E357849A43489A-3C30F36C98BD113A-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-198-215-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017a1bce0050cc5907f1e66a475eca25ef669d85a87703d97316fd3ec1802f0a03ebc4e5db95a4475dda83a0a0b96419c99ef4a04e5088d68830786f062c6452bb9a7434b953ef80ff7b11c47e43b4e67f6d43be55c98bfaa10eace8079d11ce71
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 100792

GET
H2 200 fs.js Show response
id.biltrewards.com/fsedge/s/ Frame C7B5 273 KB
0 0ms
0ms Script
application/javascript 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/fsedge/s/fs.js
Requested by: Host: id.biltrewards.com
URL: https://id.biltrewards.com/_next/static/chunks/229-b73ce4ace404a953.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Origin: https://id.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:04:59 GMT
content-encoding: br
via: 1.1 google
age: 3438
x-guploader-uploadid: ABPtcPom4IxkzNDoO1Bqrqm7FRdw4QbIenmp07XCxfQmKtcOzyV-FQiO6dxlYCfJ2Pn9mtOIi9VTD9zbjw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75399
last-modified: Thu, 16 May 2024 15:58:30 GMT
server: UploadServer
etag: "9518bfdd8ce5a4d07426912e49eab44e"
vary: Accept-Encoding
x-goog-generation: 1715875109988133
x-goog-hash: crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75399
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 21 May 2024 20:04:59 GMT

POST
H2 200 / Show response
o441793.ingest.sentry.io/api/4505110879076352/envelope/ Frame C7B5 2 B
65 B 25ms
24ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o441793.ingest.sentry.io/api/4505110879076352/envelope/?sentry_key=1bc00c0ad527487bb7700e3836d413e1&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.112.2

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/login/iframe/userdata/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1716321738475&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOm...

0
0

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 62ms
20ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/1325-7349c3bf44a94342.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 21:50:52 GMT
content-encoding: gzip
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-version-id: 73B4bUucoqQ.zop5Rb.39qMTDNo8ltid
x-amz-cf-pop: FRA6-C1
age: 4659087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3273
last-modified: Fri, 08 Mar 2024 07:35:29 GMT
server: AmazonS3
etag: "4b03a476015c2ba9b9e74e895b97c12c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: n58vnGvPbiyZhOiGRmmp6YPkHYUVzq7_6KPnKeztRV2N4m6hWJ10IQ==

GET
H2 200 adwords.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/adwords/2.5.3/ 4 KB
2 KB 62ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/adwords/2.5.3/adwords.dynamic.js.gz
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/1325-7349c3bf44a94342.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 31 Jan 2024 23:59:28 GMT
content-encoding: gzip
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-version-id: .PFTD1mf4T6.cqCzCGDBaoXaZe77x4YA
x-amz-cf-pop: FRA6-C1
age: 9576171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1356
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "257fe81df53dcd4819bc1a81e78fce58"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: y2zhCMZMD1NGU-7C88CNPuJixReko3EaUxIZVhHL0AM8Td55IJk7Ww==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 63ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/1325-7349c3bf44a94342.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 31 Jan 2024 09:56:24 GMT
content-encoding: gzip
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-version-id: iBgkeROQ82ipYgPNwFnoDehQ.U3dPJg.
x-amz-cf-pop: FRA6-C1
age: 9626755
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: VDmhSVK9dqipOGEEx5jAbTJANLegBWDs3Vc7UU6sdG7vLg73HDPY9w==

GET
H2 200 widget_app_base_1716295517676.js Show response
cdn.userway.org/widgetapp/2024-05-21-12-45-17/ Frame A961 153 KB
0 0ms
0ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d11b7c69cef043660a87ba8e09946e83b7559a7202805e217d4ab03a56442298

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:17 GMT
via: 1.1 2c4b655a5de1371195f92ed356802ebe.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 422
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25564
x-accel-date: 1716296173
x-77-nzt: EgwB1GY4sQH33GMAAAwBnJIhJwH3IQAAAA
x-accel-expires: @1742216140
x-77-age: 25564
last-modified: Tue, 21 May 2024 12:47:16 GMT
server: CDN77-Turbo
etag: W/"a459cc0f5d2cb58eccafd4c53fbcd66a"
x-77-nzt-ray: 1cb09c0efc756736c9fd4c66856d4b21
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: GLIkY5LGUvSff80yeM1XS3L4gagSx3uvRVV6ccdZYOoWgJ6_xK-u9w==

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
177 B 600ms
196ms Fetch
application/json 35.155.246.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.246.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-246-37.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Tue, 21 May 2024 20:02:19 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
176 B 598ms
196ms Fetch
application/json 35.155.246.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.246.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-246-37.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Tue, 21 May 2024 20:02:19 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 nid-pixel520.js Show response
scripts.neuro-id.com/c/ Frame C7B5 1 KB
1 KB 691ms
623ms Script
application/json 2600:9000:275b:ee00:19:2755:1280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.neuro-id.com/c/nid-pixel520.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ee00:19:2755:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3c75117c4b6621b601ca349845c3cd5f55d09c44905cffaddc725dabb82e17d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: OczcvQuECZ1WfWNu06oYhHLAAX8tIojT
content-encoding: gzip
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
date: Tue, 21 May 2024 20:02:20 GMT
last-modified: Wed, 01 May 2024 16:10:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
etag: "9e93e7a49e441bbf2fb28f0bb0597218"
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: max-age=90
accept-ranges: bytes
content-length: 723
x-amz-cf-id: 9feydBAaEnhQpYnrdMotr-zhvwV3PCmhjrW295iP4GhdfzpbmIhUxQ==

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
313 B 112ms
112ms XHR
text/plain 35.157.234.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=CLz8BddIbHunRwx9J6JGIQ&is_js=true&landing_url=https%3A%2F%2Fwww.biltrewards.com%2F&t=Bilt%20Rewards&tip=08FnYKRXCImPCfq28IH5egH9Z0RpJwDp4u4jGur2U6o&host=https%3A%2F%2Fwww.biltrewards.com&sa_conv_data_css_value=%270-13bff1a0-a01e-5a5a-7e29-c3c018bc9ae7%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd913bff1a0a01e5a5a7e29c3c018bc9ae7d972d783&sa-user-id-v3=s%253AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptEHwYBCDJ-7OyBjABOgS9M-cxQgSSTuJ6.1tN15c9UHgm67PNQ351Os%252FrkEWx%252B1GU%252Fx0fbulHijL4&sa-user-id-v2=s%253AE7_xoKAeWlp-KcPAGLya59ly14M.QB9YztoNAJUU6crgxHm7zlzM%252BuAJ%252Feblk1adWAk5QtE&sa-user-id=s%253A0-13bff1a0-a01e-5a5a-7e29-c3c018bc9ae7.iZ7mpvQE9CEeG37lYW7y%252BsdFBjhtOCtH17HrcYGGyU4
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.234.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-234-167.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d5781b6843de18ff323984b25323f02a17ccbd6d984ea170e8f0f290272031bb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Tue, 21 May 2024 20:02:18 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 116
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

POST
H2 200 TlbN1PqpZB Show response
api.userway.org/api/tunings/ Frame A961 63 B
446 B 208ms
196ms XHR
application/json 2600:1f14:5db:eb00:491e:9f27:4143:4c40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/TlbN1PqpZB
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:491e:9f27:4143:4c40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0ca8160a692d2ede5ba928e6b91500ca2e3b41bce9f4da9ac974b7df22f03cfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
etag: W/"3f-PV0A++2rqOc4r1el3VJc1nugD2g"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usra0659dc901354c4
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 63
x-service-version: uw-pr

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 23ms
22ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/1325-7349c3bf44a94342.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 10:56:48 GMT
content-encoding: gzip
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-version-id: HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop: FRA6-C1
age: 4179931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Fri, 08 Mar 2024 07:35:27 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: GqBzob6SOmMkl5y57sXIIMYjc47uXEheuPVBHkqh_lvxY4s8EjVXBg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/ Frame C7B5 519 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Origin: https://id.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210834
x-xss-protection: 0
last-modified: Mon, 13 May 2024 17:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 May 2025 17:19:46 GMT

GET
H3 200 xdi.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ Frame C7B5 26 KB
12 KB 52ms
52ms Script
text/javascript 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/xdi.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eff87b0205e1ebe55ca731239b15df7b48583b9015ce78cb50a886a97e8b1be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Origin: https://id.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16552
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"aa1a6c432a54ae84e0a582a0f4b77c78"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729d2aa2c37f7-FRA
expires: Tue, 21 May 2024 20:03:18 GMT

GET
H3 200 ui.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ Frame C7B5 295 KB
282 B 47ms
47ms Script
text/javascript 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87a3392313500de980b01445d72f2f7e95bc0d26d5f938bb2f1a7ab569caf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Origin: https://id.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81385
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"2ff4fae52b8ac954d5874b92987806e9"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729d2aa3137f7-FRA
expires: Tue, 21 May 2024 20:03:18 GMT

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
40 KB 108ms
108ms Script
application/javascript 23.198.214.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.214.69 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-198-214-69.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 4c689013
date: Tue, 21 May 2024 20:02:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211400009BF928A2F33A5F4EC165
x-tt-trace-id: 00-2405211400009BF928A2F33A5F4EC165-54F137B667F19A70-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-198-215-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017a1bce0050cc5907f1e66a475eca25ef669d85a87703d97316fd3ec1802f0a03649622b2daf0d88e8644a285d64938c592c2e7dbc089c260a4b2c36342444fcbe25d6eba276505dbe41bc731ffaefd312262f92b96df9bf21e8c4de7b9f04376
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 39895

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
704 B 147ms
147ms Ping
text/plain 23.198.214.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.214.69 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-198-214-69.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4c689022
date: Tue, 21 May 2024 20:02:18 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405212002186D52FC5DA62A1F6E4FC0-756FB51E40413610-00
x-cache: TCP_MISS from a23-198-215-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
server-timing: inner; dur=26, cdn-cache; desc=MISS, edge; dur=7, origin; dur=35
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202405212002186D52FC5DA62A1F6E4FC0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.198.215.133
x-tt-trace-host: 013639f38019084264c9da60332244b87b1664d2ae6422c5769771da6f7b8fbd9ff2325f909f5400355f9b344ef8d0d7a6b3403fb17aeb023ff4536f565806a944e1df11aefd334da91ed33cb813704410f9c571f6ca69aab649c8fc553740fd2c
access-control-allow-headers: Authorization,*
expires: Tue, 21 May 2024 20:02:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 68ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 May 2024 20:02:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1326, tbw=2784, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: m+OtkVaXG7bh78x6AW5F4IJFdVN7SgEMyBHrPdaBBnnYytoVP1UDIiw6Wxh/TkzK9l2YvdKw9PqQlJxnlKlZbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 105ms
59ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

52dcb3d5f761764b3c62050ef7a14d1680fe9af272212e1e3f54a0bb938e20a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18263
x-xss-protection: 0
server: cafe
etag: 15055761588684167684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 May 2024 20:02:18 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 290 KB
98 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX&l=dataLayer&gtm_preview=gtm_auth=WonWorjHdmyZK4CuPVtRVg&gtm_preview=env-8

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0e7dc03337a25fbc965d96a9cc493b925907a56c6cbaedca91dcb22237a6791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100450
x-xss-protection: 0
last-modified: Tue, 21 May 2024 18:46:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 May 2024 20:02:18 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame E9D2 0
0 58ms
57ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly9pZC5iaWx0cmV3YXJkcy5jb206NDQz&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=arq2pqekjgne

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hfGhXgyFE5cGoI11r098pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://id.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hfGhXgyFE5cGoI11r098pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 20:02:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame A961 176 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 12401127
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="lvQFDqPlJOHTwJCo9Oub1u7kBnT8eXyVOFBCMDJ0IuwDqsv8MZFLjA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: lvQFDqPlJOHTwJCo9Oub1u7kBnT8eXyVOFBCMDJ0IuwDqsv8MZFLjA==

GET
H3 200 cm.css
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ Frame C7B5 15 KB
282 B 59ms
59ms Stylesheet
text/css 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fe8d60c96300f39cef881c83445907bb7a1d0f00b71ffaf38916bc08f99585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81382
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"58539a2b908f4e73e04d4f950b1b35a3"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729d39bc93a86-FRA
expires: Tue, 21 May 2024 20:03:18 GMT

GET
H2 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame A961 74 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 12351627
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="jSNFONY5BVxOY4RTjb_2X-G_OltfQ8jNujz2ECTrxW5LDAL3dT5NUA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jSNFONY5BVxOY4RTjb_2X-G_OltfQ8jNujz2ECTrxW5LDAL3dT5NUA==

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-05-21-12-45-17/locales/ 621 B
1006 B 23ms
22ms XHR
application/json 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/locales/en-US.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:18 GMT
via: 1.1 8c2a58b44ec0f49caee32696bddc8526.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 417
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25562
x-accel-date: 1716296176
x-77-nzt: EgwB1GY4sQH32mMAAAwBJRPCNAH3IgAAAA
x-accel-expires: @1742216142
x-77-age: 25562
last-modified: Tue, 21 May 2024 12:47:16 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 1cb09c0efc756736cafd4c66f1fc4331
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 1ZbKx_OHYJA-QYaFTArU-aAPyR9z6m_fKJvOxt93hZKel_WNVb7gvw==

GET
H2 200 Bxu6GY24oplllZd0X0beaOpeu1Y.png
framerusercontent.com/images/ Frame A961 33 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Bxu6GY24oplllZd0X0beaOpeu1Y.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 21:04:09 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 20386688
x-amzn-requestid: 47a703ad-c5a4-4663-a7ca-41b0215b5529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="EDdtCCEKljn3BTESXQcuoa6BLGGeZL6Oc4VVn9W0hhPRcJvDclmzTQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515ea49-22781c72779d140e4acf41d7;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: EDdtCCEKljn3BTESXQcuoa6BLGGeZL6Oc4VVn9W0hhPRcJvDclmzTQ==

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-05-21-12-45-17/locales/ Frame A961 621 B
0 8ms
8ms XHR
application/json 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:18 GMT
via: 1.1 8c2a58b44ec0f49caee32696bddc8526.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 417
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25562
x-accel-date: 1716296176
x-77-nzt: EgwB1GY4sQH32mMAAAwBJRPCNAH3IgAAAA
x-accel-expires: @1742216142
x-77-age: 25562
last-modified: Tue, 21 May 2024 12:47:16 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 1cb09c0efc756736cafd4c66f1fc4331
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 1ZbKx_OHYJA-QYaFTArU-aAPyR9z6m_fKJvOxt93hZKel_WNVb7gvw==

GET
H2 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame A961 39 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

64ee05b98a022eb8e7c5f531342a77e8265378f08c4665c90e0b0ca953373b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814057
x-amzn-requestid: ac6a76f4-935a-4fe5-8b35-27cf98ada30c
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BGoEY-voCT3cyDWENiHboaH3eDadyLkyZZlKil9tVzbJXZ60eCsIdQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-5adfee7741d945b93610ede9;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BGoEY-voCT3cyDWENiHboaH3eDadyLkyZZlKil9tVzbJXZ60eCsIdQ==

GET
H2 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame A961 14 KB
0 1ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814057
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="scVqfWlmfdVVOEb6CSfQuVuH5OrEc7GhLYIhGX-MWvQ7zXUDsROf0A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: scVqfWlmfdVVOEb6CSfQuVuH5OrEc7GhLYIhGX-MWvQ7zXUDsROf0A==

GET
H2 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame A961 3 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814067
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="khOwWAMQKng0onPPfJyIvRUf9O7omusrMPf5ydqyGBU9nEVmpMMI5Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: khOwWAMQKng0onPPfJyIvRUf9O7omusrMPf5ydqyGBU9nEVmpMMI5Q==

GET
H2 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame A961 36 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="vTyp8zqQ0SPLq_SVBiWNeRHoPgXu_Kdg9BkaJA0cKHIbkNObPTVIfg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vTyp8zqQ0SPLq_SVBiWNeRHoPgXu_Kdg9BkaJA0cKHIbkNObPTVIfg==

GET
H2 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame A961 37 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BPZeNhmL1DmaiEcUUZ-PkA0pyciexpCQdcJHN4_ft4Lpuy2Bb_Wsyg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BPZeNhmL1DmaiEcUUZ-PkA0pyciexpCQdcJHN4_ft4Lpuy2Bb_Wsyg==

GET
H2 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame A961 69 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="czEidQsq7ZDjTnQc5yGLeZk701-La28HWC0Nx62BZSvXrP5eMKC3Uw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: czEidQsq7ZDjTnQc5yGLeZk701-La28HWC0Nx62BZSvXrP5eMKC3Uw==

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1716321738475&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIx...

0
0

GET
H2 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame A961 45 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="JguEU9WfCNFHGekaKAZZIp3_88sbz2G2QAcSdLVpoSOC9DssrOvqnA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JguEU9WfCNFHGekaKAZZIp3_88sbz2G2QAcSdLVpoSOC9DssrOvqnA==

GET
H2 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame A961 24 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="MEfCrIwHLFEzVxnYPtscL55730WmxYugYatbDWrBhrT_imVDI5veaA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MEfCrIwHLFEzVxnYPtscL55730WmxYugYatbDWrBhrT_imVDI5veaA==

GET
H2 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame A961 25 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14170262
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="ei0aOKKrcmGetnp2Qd-w2KKQRiuXgcWXqFFJzMKklIhHto1UlX9wIQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=12
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ei0aOKKrcmGetnp2Qd-w2KKQRiuXgcWXqFFJzMKklIhHto1UlX9wIQ==

GET
H2 200 wkMxGLA0wVGsaSgWt2doW86Zic.png
framerusercontent.com/images/ Frame A961 31 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wkMxGLA0wVGsaSgWt2doW86Zic.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814056
x-amzn-requestid: ba6827ad-aabc-411e-9dc2-dfa723dd0780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="ArJOl01e-mXHHUhhhR9zQHmqnYeXQ59p9BQ6R1FvnS67Q3JuDqtykQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=12
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-644b15642b1ea7fc78e9b405;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ArJOl01e-mXHHUhhhR9zQHmqnYeXQ59p9BQ6R1FvnS67Q3JuDqtykQ==

GET
H2 200 UPxnowvsa2Fbt3lp5oDDFXRjROc.png
framerusercontent.com/images/ Frame A961 32 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/UPxnowvsa2Fbt3lp5oDDFXRjROc.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:05 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14338092
x-amzn-requestid: e03300e0-9cad-43fc-8ab6-de726d6b5f30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="OA4b_rhGHHv9M6XGlMTRWKXLir2-UgyB3zLGyxdlT4W2afJRvcBJxA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=14
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-765ffb934b7dbe1f748e348d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OA4b_rhGHHv9M6XGlMTRWKXLir2-UgyB3zLGyxdlT4W2afJRvcBJxA==

GET
H2 200 2Zx97veGwo826dqlIbR2hMKiY.png
framerusercontent.com/images/ Frame A961 85 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2Zx97veGwo826dqlIbR2hMKiY.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Dec 2023 23:57:38 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14501079
x-amzn-requestid: c6578a5d-2b8c-483a-ac9d-b78066b234a7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="IAxYMee5ZfU2HCqBtSsY716GLQbjz7tdv-zqi9DQ1FgfdlTGY3MA3g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-656fb8f2-1a3284985a17b98d6b56e9b6;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IAxYMee5ZfU2HCqBtSsY716GLQbjz7tdv-zqi9DQ1FgfdlTGY3MA3g==

GET
H2 200 i6iRuC8inkOu49dyb2cMx7KLX9o.png
framerusercontent.com/images/ Frame A961 32 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/i6iRuC8inkOu49dyb2cMx7KLX9o.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:04 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14338093
x-amzn-requestid: d1276dde-ce3c-43b3-bdf2-19fb56353b67
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="wOds-g7keFTdjN-GJyqTLrjBZhhpCg0YLl5gDBXCZ4VoYhkld3VpSQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=15
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-6d94249e4d78cc9c47e01d91;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wOds-g7keFTdjN-GJyqTLrjBZhhpCg0YLl5gDBXCZ4VoYhkld3VpSQ==

GET
H2 200 4Um58dLygSHRrlUbzVAaCiPfHeE.png
framerusercontent.com/images/ Frame A961 61 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Um58dLygSHRrlUbzVAaCiPfHeE.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 02:47:41 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13713276
x-amzn-requestid: 76e437ee-349e-4296-8605-83da030eb99b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="-swfkuU3U6sntib9B6hiPiUaGNlIbpUxzyI-Om4lvpXXOdCOfbK8pA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=16
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657bbe4d-6fba888c030366654cd8e9e2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -swfkuU3U6sntib9B6hiPiUaGNlIbpUxzyI-Om4lvpXXOdCOfbK8pA==

GET
H2 200 OwD5vj1mJJkrw8fQ4TLBsZu7VY.png
framerusercontent.com/images/ Frame A961 67 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OwD5vj1mJJkrw8fQ4TLBsZu7VY.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 13814055
x-amzn-requestid: 78b339dd-e4b5-456c-bb1c-74370a5115ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="SjS1R7rnj-fKxX4zlJt1qmbLZPq_UZNTr57_fWml5jxh7aQ_-usvxw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=17
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-47094d6076a345a112379c31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SjS1R7rnj-fKxX4zlJt1qmbLZPq_UZNTr57_fWml5jxh7aQ_-usvxw==

GET
H2 200 353467326379958 Show response
connect.facebook.net/signals/config/ 56 KB
13 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/353467326379958?v=2.9.156&r=stable&domain=www.biltrewards.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f1628913a0a1a387648ef458aafc13fb54f2cbc9eb9300e3cf127e1b3d638dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 May 2024 20:02:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12691
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=62, mss=1326, tbw=63366, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: Zt/pBfiAiMAb5I1uMhgNsxjHp/5BARq1OYjvMjpHO79Lj0J9DtgEURZYmv/o6Mp/32W2L5E+xUfJbJfFHrXQCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 en.json Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/ Frame C7B5 8 KB
282 B 78ms
78ms Fetch
application/json 2606:4700:3108::ac42:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/en.json

Requested by

Host: id.biltrewards.com
URL: https://id.biltrewards.com/_next/static/chunks/229-b73ce4ace404a953.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:28c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f451ccd1b82076cdf339b4c512eb3363a898c580776fe8e2a4242ffea352b4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81383
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"deeec53da2118f7d45f432e74ecef857"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 887729d48d8d37f7-FRA
expires: Tue, 21 May 2024 20:03:19 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/10874839969/ 3 KB
1 KB 36ms
36ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10874839969/?random=1716321738960&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b381cb2f2f22e64a9c15c5f42a9bca3a9c97fc548573029977cf70f6ec547283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 21 May 2024 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1461
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10874839969/ 43 B
61 B 74ms
32ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10874839969/?random=1716321738964&cv=9&fst=1716321738964&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DBilt%20Rewards%3Burl%3Dhttps%3A%2F%2Fwww.biltrewards.com%2F&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 21 May 2024 20:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
706 B 146ms
145ms Ping
text/plain 23.198.214.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.214.69 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-198-214-69.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4c68926f
date: Tue, 21 May 2024 20:02:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405212002196D52FC5DA62A1F6E4FCC-53401A5F651E68DB-00
x-cache: TCP_MISS from a23-198-215-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
server-timing: inner; dur=22, cdn-cache; desc=MISS, edge; dur=10, origin; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202405212002196D52FC5DA62A1F6E4FCC
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.198.215.133
x-tt-trace-host: 013639f38019084264c9da60332244b87b1664d2ae6422c5769771da6f7b8fbd9ff2325f909f5400355f9b344ef8d0d7a66e12447f008d4b57e22a9e0646675bbbecb854d0261fc5bd8d30e7eefdb66ae7e3f943f1131237af66ebdea7613b362f
access-control-allow-headers: Authorization,*
expires: Tue, 21 May 2024 20:02:19 GMT

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1716321738475&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIx...

0
0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 70ms
21ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353467326379958&ev=PageView&dl=https%3A%2F%2Fwww.biltrewards.com&rl=&if=false&ts=1716321739003&sw=1600&sh=1200&ud[external_id]=15d3e293c026d28374742492ef5f4c12c0b5695bd528bffe2d48bba5f6e7719b&v=2.9.156&r=stable&a=seg&ec=0&o=4124&fbp=fb.1.1716321739002.604039858&pm=1&hrl=f542a7&ler=empty&cdl=API_unavailable&it=1716321738921&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1716321738533-fb7272ff-6bc6-46f4-9222-4c54301af94b&cs_cc=1&cas=7368986099863077%2C5027429843991248%2C5406700332768189%2C4118934621525755%2C4544091382281257%2C4076096172505397%2C4526720607360042%2C4175906249165104%2C6099185086759110&rqm=GET

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1326, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 May 2024 20:02:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/10874839969/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10874839969/?random=94744840&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.com/pagead/1p-conversion/10874839969/?random=94744840&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his...
https://www.google.de/pagead/1p-conversion/10874839969/?random=94744840&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=...

42 B
64 B

69ms
37ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10874839969/?random=94744840&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAg&pscrd=IhMItOjJ3MSfhgMVtFlBAh0DOQnwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLmEkI4VLWZVc_cBVOy7p1O2fbSj5qmg&random=3123225594&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 May 2024 20:02:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 May 2024 20:02:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10874839969/?random=94744840&cv=9&fst=1716321738960&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.biltrewards.com%2F&tiba=Bilt%20Rewards&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIgcSxAg&pscrd=IhMItOjJ3MSfhgMVtFlBAh0DOQnwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd3d3LmJpbHRyZXdhcmRzLmNvbS8&is_vtc=1&cid=CAQSGwDaQooLmEkI4VLWZVc_cBVOy7p1O2fbSj5qmg&random=3123225594&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ Frame A961 214 B
0 0ms
0ms Image
image/svg+xml 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jul 2023 10:01:00 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 27424877
x-amzn-requestid: cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="d4EO-U-4o0vPWECVFpuA6QBZxFUvgzm_nYh_yoJX4RT0Wn-HKxCzYQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: d4EO-U-4o0vPWECVFpuA6QBZxFUvgzm_nYh_yoJX4RT0Wn-HKxCzYQ==

GET
H2 200 11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ Frame A961 215 B
0 0ms
0ms Image
image/svg+xml 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 12:09:35 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 14889162
x-amzn-requestid: f927c207-5d43-4a31-84ec-0d06d0c63c6a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-rid;desc="BCfcPtpU7fbFFXwd6KGeza1Orwo8ei0XXPanekbclBykqAbCXN0fsQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6569ccff-42414f1e2713071463b83623;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BCfcPtpU7fbFFXwd6KGeza1Orwo8ei0XXPanekbclBykqAbCXN0fsQ==

GET
H3 200 xCQC3Wupbo8m3lPpUkDhzX5YD4.png
framerusercontent.com/images/ Frame A961 61 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/xCQC3Wupbo8m3lPpUkDhzX5YD4.png?scale-down-to=1024

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 08:06:18 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 16199759
x-amzn-requestid: 9b6a1016-27a4-4c1c-bf6c-4dd5244f6e72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="v3Ao0dvxVq5zSwXHpqMuZoQJQCKe4KDqfpC6F4U2A1Hl56dSfK55Fg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6555cd7a-72716d0321980bee33a7f28e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: v3Ao0dvxVq5zSwXHpqMuZoQJQCKe4KDqfpC6F4U2A1Hl56dSfK55Fg==

GET
H3 200 7dgusnBALjfsS0yucyysUvo9a8o.jpg
framerusercontent.com/images/ Frame A961 97 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7dgusnBALjfsS0yucyysUvo9a8o.jpg

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:15:57 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 7695980
x-amzn-requestid: f79f9e01-484c-4a08-bdbc-c2fddeffb140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="i_ykcIds80DL3OH_w99rjeK-fam4Cw8UsRS9t2GLDTs9MJ-X2QnTNA==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65d78f5d-62e6045614e49c90304ec543;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: i_ykcIds80DL3OH_w99rjeK-fam4Cw8UsRS9t2GLDTs9MJ-X2QnTNA==

GET
H3 200 NI61TIlpX6TJbklIpHSie2tEpGE.png
framerusercontent.com/images/ Frame A961 65 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NI61TIlpX6TJbklIpHSie2tEpGE.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 Nov 2023 10:28:33 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 15240824
x-amzn-requestid: 413005f5-e144-4729-aaee-163700256cfb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="GRiMODlhMvarUjpcszQ44hw2VEZ1UxbKS2Drz-Pnx4nUFvM_T5PFZw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65646f51-5dc48f8225829ec367f04792;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: GRiMODlhMvarUjpcszQ44hw2VEZ1UxbKS2Drz-Pnx4nUFvM_T5PFZw==

GET
H3 200 emCFcnwNiMYScIxwr45IJOzQLg4.png
framerusercontent.com/images/ Frame A961 5 KB
0 1ms
1ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/emCFcnwNiMYScIxwr45IJOzQLg4.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b7b8ac25904dcb445701b5d1efa127727723d8d9e7f440457f12ca5d3b26c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:25 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4148031
x-amzn-requestid: 75f1e76e-20fc-4823-8017-c428c2130abc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="kwB-Ine7IIHbnMBGckEFRcWPUc6dO34LGfigZitG47Mw-BNB9bTDiw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db289-383c080d3bfe679a0b020e02;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kwB-Ine7IIHbnMBGckEFRcWPUc6dO34LGfigZitG47Mw-BNB9bTDiw==

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1716321738475&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIx...

0
0

GET
H3 200 B2j04d4DELSVPqW3pu2DeFzMZU.png
framerusercontent.com/images/ Frame A961 5 KB
0 0ms
0ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/B2j04d4DELSVPqW3pu2DeFzMZU.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b27e2ff6dcd76549f2f66acf69dbcc8a5dcc53af127a14ac4e5d33adcd18cde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:48:41 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4148015
x-amzn-requestid: b23c1655-2496-4d6d-ba25-b5575ea0ccd8
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="XO94qJV7tBEWzRJMsYoxhhzgYIdqheTUktf4vI1Ghipbca4y75V80A==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db299-77502d3d29d3b3ed0817ab4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XO94qJV7tBEWzRJMsYoxhhzgYIdqheTUktf4vI1Ghipbca4y75V80A==

GET
H3 200 f2fwl12tvW9YGosVlJxHf8yLgk.png
framerusercontent.com/images/ Frame A961 5 KB
0 1ms
1ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/f2fwl12tvW9YGosVlJxHf8yLgk.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4fd7bdd78f1e54f45a4a21f57679cb6fdf3aee47a8d71dd8852a4193eb9c4b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:49:27 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4147969
x-amzn-requestid: e9e15c28-6c87-4076-9450-45e5a8522d05
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="78Yk5QEPSnDT4OsPHFYXFSiXVTXHP-0RC9nBPrwX5Ew5jG3rlORqUw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db2c6-198fe3572d1549c7708610ba;parent=7e93a6060e332e86;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 78Yk5QEPSnDT4OsPHFYXFSiXVTXHP-0RC9nBPrwX5Ew5jG3rlORqUw==

GET
H3 200 XjelGy0AgZXWBtmYgQFM6So2cZU.png
framerusercontent.com/images/ Frame A961 25 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XjelGy0AgZXWBtmYgQFM6So2cZU.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 17:57:54 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 20397863
x-amzn-requestid: c346a2e6-eb2d-43fb-9561-2d4dd1b33b36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="a3_DgSFoGOlHjhQrAO7p5DcRXZRVTmakgPXktcrtNjqwVFtfT2QmKA==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515bea2-249c5b1462b996922d6bdf1c;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: a3_DgSFoGOlHjhQrAO7p5DcRXZRVTmakgPXktcrtNjqwVFtfT2QmKA==

GET
H3 200 ViCoXi9FWxoh8GjbX1a14g7pZX0.png
framerusercontent.com/images/ Frame A961 13 KB
0 3ms
2ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ViCoXi9FWxoh8GjbX1a14g7pZX0.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e87381db0061a8a04fd758811bef1906a0f760d8de5bbde1c25f7a7bccdf7f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: d01e4eb0-6340-474b-80c0-55b1115de58d
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="p9x-gUWLABxLyKGQ6xxIuwR3q6oGWR3cN-q5-tZBOJBe5OVatwnsfg==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-2f26307d46f6186b2c4f1c6f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: p9x-gUWLABxLyKGQ6xxIuwR3q6oGWR3cN-q5-tZBOJBe5OVatwnsfg==

GET
H3 200 8ibs6KgHYOJb6Y4lzhBQsszTRc.png
framerusercontent.com/images/ Frame A961 3 KB
0 3ms
3ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/8ibs6KgHYOJb6Y4lzhBQsszTRc.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10bd3d0e3bef262fe02d35fa3c3153a291e8d8c88625ef4c23882006270f76e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: ffd0bfc1-7f2f-4fc7-9acd-1f5586c76ef5
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="FWsFNsqWkZNI79KCXEOH_krSuQzr1UfX4Gv_AspiXpi-9BqOC5Qt9w==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-03e2c9b96a32f4f633f203de;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: FWsFNsqWkZNI79KCXEOH_krSuQzr1UfX4Gv_AspiXpi-9BqOC5Qt9w==

GET
H3 200 MxRklazzy1Emai1IjUOn2ORYq8.png
framerusercontent.com/images/ Frame A961 3 KB
0 3ms
3ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/MxRklazzy1Emai1IjUOn2ORYq8.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

65b1970ad0056e9f872f541b8684eaac58af3f4e6af9e8cc46dbba0547aa12f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 9cd05eb4-56cd-4d14-b26b-e05bd67413ad
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="JEcJgd2yehug4AlTN18CHpHsyrFlUUmVaHYssW_YrCQf-SSZSFQl9w==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-59c8d8ec74b1187037153698;parent=41ead940dd0ae5a0;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JEcJgd2yehug4AlTN18CHpHsyrFlUUmVaHYssW_YrCQf-SSZSFQl9w==

GET
H3 200 wiRNqk3Xr49CYkBPQk79io2TT1g.png
framerusercontent.com/images/ Frame A961 5 KB
0 3ms
3ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wiRNqk3Xr49CYkBPQk79io2TT1g.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4242cb0d811aa58c2c1346e393e3f32eabeea6a8b111505ba9d455c519af0a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 88b07d04-c4a8-44bb-840f-bdf84f29aeb9
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="xoU1mi_g8--2Lx4tjCN6mBWjXMC1GaJh_5nL1nV6P6qmpSiF_TKfdg==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-26424c4d5df73fe80d2cad86;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xoU1mi_g8--2Lx4tjCN6mBWjXMC1GaJh_5nL1nV6P6qmpSiF_TKfdg==

GET
H3 200 5JsrF9pUWaXrgy50k6xEWQpJoxA.png
framerusercontent.com/images/ Frame A961 15 KB
0 3ms
3ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/5JsrF9pUWaXrgy50k6xEWQpJoxA.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

351ec7eaa47a100223c28f83fcc130fcc711cd585cffcb2e5a13c7aa8c7797e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:19:16 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146181
x-amzn-requestid: 35fcf2c5-9113-4835-87c2-1e3607d7236e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DFi5rzGl-MryffHOjrmlVoE6MlsdvieP40IpsxftiJSZNcnfmQsiZw==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db9c4-7ddc3b4d0ce00a876eb737c8;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DFi5rzGl-MryffHOjrmlVoE6MlsdvieP40IpsxftiJSZNcnfmQsiZw==

GET
H3 200 ftPWeWr9bdX4s1UGa0CgDGwo6Q.png
framerusercontent.com/images/ Frame A961 6 KB
0 4ms
4ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ftPWeWr9bdX4s1UGa0CgDGwo6Q.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8e8aeadc29c7a5c988fd6d12f6e2ab09da8e7c266eb92662c88e5485f7ca6a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 0e9e4021-dc89-4725-ac4b-63158ac32908
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="cN6EbvCErUFEpuyd2IOfcM4fRDYLPbQF6uC8rHG-liU_zBzwuZ1JlA==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-616f85da7187310d38aa6717;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: cN6EbvCErUFEpuyd2IOfcM4fRDYLPbQF6uC8rHG-liU_zBzwuZ1JlA==

GET
H3 200 aFXvQ8tvchAhSy28xtqLwAcc.png
framerusercontent.com/images/ Frame A961 9 KB
0 4ms
4ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/aFXvQ8tvchAhSy28xtqLwAcc.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dc36791a319faca1216172316a62bec25a815789c703e22ca883a6754d60b69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: d3c0b3f9-51c2-442f-8e18-fa888d4c166f
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="6dVLpGCTaSl0c-U_G0aQRrdquF585EE_9Y3N52T2_w82F5wNmcKoHw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-3a55b3a21e01caea5d57d28d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6dVLpGCTaSl0c-U_G0aQRrdquF585EE_9Y3N52T2_w82F5wNmcKoHw==

GET
H3 200 Fi5WiSlR8pQgUTvWiBx9llcchmY.png
framerusercontent.com/images/ Frame A961 2 KB
0 4ms
4ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Fi5WiSlR8pQgUTvWiBx9llcchmY.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8c1a0ce4d216e8ebccf87693a96b6cddf4f7d72cdfe4d87c1dea22e9b5591e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 38306c3b-1cc1-4d11-bdfe-f7e4591a8eab
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="zK3743pj9Nct5OsmRG2geezo0KfO2onhHgfi16HPNVQBwmpCzb1zqw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-526d969e22cb279224fafd03;parent=34734ef8c377a80b;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zK3743pj9Nct5OsmRG2geezo0KfO2onhHgfi16HPNVQBwmpCzb1zqw==

GET
H3 200 Ax6NHsTfN0grr4AHyWTy2Sz2RI.png
framerusercontent.com/images/ Frame A961 9 KB
0 4ms
4ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Ax6NHsTfN0grr4AHyWTy2Sz2RI.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b5701c4d14b0fc7c3b9376cb94170a68ec73407bd51f1fe168430e37fec2b32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 3e6905e1-af53-4cd5-a73a-766e60fce23e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="ID-M6EXguHLWjnDgViC5iSxK9Tn1LwHimJHEkggLEC0UZepl_eWgww==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-43e8761e72276c392c206454;parent=5ef6032e39bfdbfd;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ID-M6EXguHLWjnDgViC5iSxK9Tn1LwHimJHEkggLEC0UZepl_eWgww==

GET
H3 200 8WJAm6JhDhA9oa7JjDgElrhOiQ.png
framerusercontent.com/images/ Frame A961 10 KB
0 4ms
4ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/8WJAm6JhDhA9oa7JjDgElrhOiQ.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a3c77088d19884e2cb7401a2e9972e357ebb263d905e098014220aeed999815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 5cf4f05e-68c7-4c04-bb92-72a6d5f0441c
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="gfLdz6Cz_DmFCsoKsGbHlPcbPc28YHYKIuid9aaLujNyqpIThB3Oow==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-5014c2ca11b926b03e287a93;parent=4d7a1a7c792d3cf1;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gfLdz6Cz_DmFCsoKsGbHlPcbPc28YHYKIuid9aaLujNyqpIThB3Oow==

GET
H3 200 o5yryGY3RMxXyiyQyqeuPPxOz60.png
framerusercontent.com/images/ Frame A961 12 KB
0 4ms
4ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/o5yryGY3RMxXyiyQyqeuPPxOz60.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a80765e705635ab8f3f4ca137d925f2958a21147effb88c80e3b9e300ff9129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 46637bc1-f1c0-4eff-b80e-a01d1c83c945
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="JM8mbYA6TBtgpsrtcbxmd5Lc0IrxKZfyiunYOYkAhxyJA04JYVmG5A==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-51cb383a23a022e62f06d847;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JM8mbYA6TBtgpsrtcbxmd5Lc0IrxKZfyiunYOYkAhxyJA04JYVmG5A==

GET
H3 200 9ak0DxXbaVM1VoMTeIMa99JiKI.png
framerusercontent.com/images/ Frame A961 13 KB
0 5ms
4ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/9ak0DxXbaVM1VoMTeIMa99JiKI.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cb5af3540ca60d5b611ff32706a636ed017b8b94ff154cec81b1a6144def5b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: e49d56ed-c89a-4122-9542-dae82d2ce91a
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="f2xSE97ir7cF5HbTVTA7ohV1GCpZVe2EbI6AlD2DXY0zJGgkx00rUQ==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-496ea6cd7b9df6fc35f1ae5a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: f2xSE97ir7cF5HbTVTA7ohV1GCpZVe2EbI6AlD2DXY0zJGgkx00rUQ==

GET
H3 200 hnIi4P7pdlJAXqbv27Bue7JEr2k.png
framerusercontent.com/images/ Frame A961 4 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/hnIi4P7pdlJAXqbv27Bue7JEr2k.png

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9a5fac4171ae0fa4e6253a625c99f72b75949f1ebde08b51108f26923d51be43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:56 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146441
x-amzn-requestid: 387e7d12-7391-4a3d-9de5-6dc02dcecac0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="wfB0EPVy3wAoEw4SjhESaShYhHU97aGbMo_Of4CuyltXBbOzJug-DQ==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8c0-093bda40237ba4fd282d5175;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wfB0EPVy3wAoEw4SjhESaShYhHU97aGbMo_Of4CuyltXBbOzJug-DQ==

GET
H3 200 wlTHpTUu4ykBMBG21EX0CERes.png
framerusercontent.com/images/ Frame A961 11 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wlTHpTUu4ykBMBG21EX0CERes.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5733d9bc8e680afc43dd30cafe37543fd63da220a1472c63c126a43896d29247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: 740e1468-d462-4477-a353-e374bc3e36e0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="3gWegbeCONaeX5v30BHIVZRmHclizJDat36CWFdwYkPE_W2AWVt4fg==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-744060b15d09108e4111b709;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3gWegbeCONaeX5v30BHIVZRmHclizJDat36CWFdwYkPE_W2AWVt4fg==

GET
H3 200 pMOoQGEce2gdLvB4HZNfsf4sY.png
framerusercontent.com/images/ Frame A961 10 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/pMOoQGEce2gdLvB4HZNfsf4sY.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

770c4939f53c96cccac5b0e25ed133940e3d731cfd7c6567e3415e4fa6f66002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: 112cbf87-6183-4300-bd3b-e9d5a6080319
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DpN-E64iO-rRKKeGEQYxlyR7zg7jWw6yGe1Gr9zr-6CwxRNfgebM4g==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-257e295850b9ea1d6b049c28;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DpN-E64iO-rRKKeGEQYxlyR7zg7jWw6yGe1Gr9zr-6CwxRNfgebM4g==

GET
H3 200 GqxnFscgQXWBc0FTLQUcBVmIfV8.png
framerusercontent.com/images/ Frame A961 12 KB
0 1ms
1ms Image
image/png 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/GqxnFscgQXWBc0FTLQUcBVmIfV8.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1462a6870c6180f472f6a9740ab8e38dee1bc0c467871e1e32e433806320b4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: 4eeffb6a-23dc-4897-bf51-367a8f3f6fbf
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="3-Ra9-Kj4siIG5OxKoRGm0IC8u0I5Vc19F98NNec2JHoGsrfw7-wjg==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-1f4926595178469236cb7a7a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3-Ra9-Kj4siIG5OxKoRGm0IC8u0I5Vc19F98NNec2JHoGsrfw7-wjg==

GET
H3 200 eODr1NJCd9NMOsg3WpToY6znD0.png
framerusercontent.com/images/ Frame A961 15 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/eODr1NJCd9NMOsg3WpToY6znD0.png?scale-down-to=512

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9164300fd0eeac414cbba5c13af67cecac3685ffc4fa1f18e582056d46490487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 20:14:55 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4146442
x-amzn-requestid: 26e63173-cda4-4116-b7f9-6b3df5b70d29
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="e-PM7XNoxzpr0uYx6nzMxN58wNq5aXbu8SawdFdfqxDG_jmx_Q2LwQ==",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660db8bf-787743b1177b9d017868a88e;parent=382592e15e444519;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: e-PM7XNoxzpr0uYx6nzMxN58wNq5aXbu8SawdFdfqxDG_jmx_Q2LwQ==

GET
H2 200 bilt
decagon.ai/demo/ Frame AF3B 0
0 187ms
144ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://decagon.ai/demo/bilt?defaultVisibility=hidden

Requested by

Host: decagon.ai
URL: https://decagon.ai/loaders/bilt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 20:02:19 GMT
server: Vercel
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-matched-path: /demo/[slug]
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::24d5l-1716321739262-5bd6b84195e1

GET
H2 200 de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
sync-transcend-cdn.com/consent-manager/ Frame 52F7 0
0 125ms
60ms Document
application/xhtml+xml 2606:4700::6812:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
age: 2037
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 887729d68ef7383b-FRA
content-disposition: inline
content-encoding: br
content-type: application/xhtml+xml
date: Tue, 21 May 2024 20:02:19 GMT
etag: W/"ecaabd46fc191f55321d2c2683697460"
expect-ct: max-age=86400, enforce
expires: Tue, 21 May 2024 20:03:19 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
165 B 51ms
50ms Ping
text/plain 18.203.30.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.30.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-30-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 May 2024 20:02:19 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H3 200 yhcjbBUdWKuI5ee25BmmDwVlQ.png
framerusercontent.com/images/ Frame A961 3 KB
0 0ms
0ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/yhcjbBUdWKuI5ee25BmmDwVlQ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a05264144271a335fb2ba344835479c8b97cca952f010b9cb8c2d3917abfa50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:25:58 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4149380
x-amzn-requestid: 880339d6-3db5-4cff-922c-9d784925e18a
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="5LvpTT8Pzi3Lyz5igCLY9PMY2uk9IxBdRWg_dysx4spU0simgANPhQ==",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad46-14e9b9a6208a1250783bd69a;parent=3ee3c348b457ba85;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5LvpTT8Pzi3Lyz5igCLY9PMY2uk9IxBdRWg_dysx4spU0simgANPhQ==

GET
H3 200 uMy6gIwSwWrVGDsXDGVWHHKzYEE.png
framerusercontent.com/images/ Frame A961 3 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/uMy6gIwSwWrVGDsXDGVWHHKzYEE.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

45c345166436583f0abd394d710d9eeaa329108cdd1a3f09556192d38227cf54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4149375
x-amzn-requestid: 614a176e-58c0-4338-a7f0-8da006b9677e
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="OjBsTNDNB03AK03wnw-fWv2BQ5RxxYNfjfxM-PdZ5XN3RXGZjS847w==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-01d684fc19c54c0573d4a145;parent=592f8614859ed3a8;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OjBsTNDNB03AK03wnw-fWv2BQ5RxxYNfjfxM-PdZ5XN3RXGZjS847w==

GET
H3 200 NRqZdfp0sRwRZ2mBC3XB3MGG4.png
framerusercontent.com/images/ Frame A961 2 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NRqZdfp0sRwRZ2mBC3XB3MGG4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7fcb5ce28fc78270827a658038cdbd41ccfd7046c1e2a5722c745f6a41fbcb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4149375
x-amzn-requestid: a72a37c2-8d1f-4b7c-a9c6-36928c59ecf1
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="39GvXgwhmYU3rVW7teyQkaPPIGA8z3EebjaMO9uC40HE1VCV9qUDFw==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-14fb96f06813c3ab16d39a6a;parent=0473473adef448a2;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 39GvXgwhmYU3rVW7teyQkaPPIGA8z3EebjaMO9uC40HE1VCV9qUDFw==

GET
H3 200 c8bJ9cJNZu0SSI90azRcdddA.png
framerusercontent.com/images/ Frame A961 3 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/c8bJ9cJNZu0SSI90azRcdddA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d5d57d912d1e17d9db264a07b64a6a3ed4265303e1d73c542ec3cc2d1ef672c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4149375
x-amzn-requestid: f067016b-8a63-4afe-b438-64a09037f935
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="UueaTbeJAZOgjd1v6NVDkk6NQkhert13G72-J4INyIk2yiO2Ls5T4g==",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-081a6b1244d6a917705fe4fb;parent=1f92f6a054dbf007;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UueaTbeJAZOgjd1v6NVDkk6NQkhert13G72-J4INyIk2yiO2Ls5T4g==

GET
H3 200 PJj4RY5yFu6gqPz485dMfCclbxQ.png
framerusercontent.com/images/ Frame A961 16 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PJj4RY5yFu6gqPz485dMfCclbxQ.png?scale-down-to=512

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cc05f6874071cc404007806efb2cfedefe4b82aca5469dfaf9c5cc3720d91347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:25 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4149293
x-amzn-requestid: 55909a7d-6c51-45ee-abca-67c8443054bc
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="IhuL8sPdgoRxN9M90XvsXgKt0tmDfKDBbFNq8bi7fovdsmTaR8d-Qw==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad9c-782eb4a7627511237e817f9f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IhuL8sPdgoRxN9M90XvsXgKt0tmDfKDBbFNq8bi7fovdsmTaR8d-Qw==

GET
H3 200 gMGCZacBG9NmOgMr0vAlUWzMM.png
framerusercontent.com/images/ Frame A961 2 KB
0 1ms
1ms Image
image/webp 2600:9000:21c7:9a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/gMGCZacBG9NmOgMr0vAlUWzMM.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:21c7:9a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6c7105dd948f39cf942552d784adc2784ae2ab999863706fd3f79ec370906ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www2.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:26:03 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 4149375
x-amzn-requestid: 955649e1-5ec9-4dac-a9a5-59b23b6abde1
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="AMS54-C1",cdn-hit-layer;desc="EDGE",cdn-rid;desc="BVh-yabwXIs-SESaBIwd6E5xLkRFxGObqifNuDRErZizuvZdip4-2w==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-660dad4b-639593ed4cbcf0391b54d492;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BVh-yabwXIs-SESaBIwd6E5xLkRFxGObqifNuDRErZizuvZdip4-2w==

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?dtstmp=1716321739247&aid=b-00ri&se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321739247&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIx...

43 B
240 B

380ms
115ms

Image
image/gif

3.87.104.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321739247&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
Protocol: H2
Server: 3.87.104.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-87-104-207.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 21 May 2024 20:02:19 GMT
x-pixel-event-id: b28e5421-61cb-4d90-9f84-ab08d8663272
content-length: 43
content-type: image/gif

Redirect headers

location: https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321739247&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
date: Tue, 21 May 2024 20:02:19 GMT
content-length: 0

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?dtstmp=1716321739247&aid=b-00ri&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYW...
https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTYzMjE3Mzg0NzUmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaH...

43 B
239 B

381ms
117ms

Image
image/gif

3.87.104.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTYzMjE3Mzg0NzUmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHllYnlxLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzE2MzIxNzM4NDc1JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321739247&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
Protocol: H2
Server: 3.87.104.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-87-104-207.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 21 May 2024 20:02:19 GMT
x-pixel-event-id: fa1fd18a-0f7d-4ce6-ac72-99703e2d8e38
content-length: 43
content-type: image/gif

Redirect headers

location: https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTYzMjE3Mzg0NzUmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHllYnlxLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzE2MzIxNzM4NDc1JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321739247&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
date: Tue, 21 May 2024 20:02:19 GMT
content-length: 0

GET
H2 200 remediation_1716295517676.js Show response
cdn.userway.org/widgetapp/2024-05-21-12-45-17/remediation/ 102 KB
29 KB 27ms
26ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/remediation/remediation_1716295517676.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 60f03b58dea95b57b6bbea35103461ee20cd93825bec85c30fb36e0c37c4fdad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:19 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 399
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25563
x-accel-date: 1716296176
x-77-nzt: EgwB1GY4sQH322MAAAwBisclxAH3IQAAAA
x-accel-expires: @1742216143
x-77-age: 25563
last-modified: Tue, 21 May 2024 12:47:16 GMT
server: CDN77-Turbo
etag: W/"ca7cbabacaca06648b3d7ac75bcdc3fb"
x-77-nzt-ray: 1cb09c0efc756736cbfd4c66b8f5e227
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: LnrB8SrGCDzUT5Y8OkSStTvGzI2dV67tKIhasq7qvA5-1WArxdXw9w==

GET
H2 200 IXD25a7qYzAOaBBz.json Show response
cdn.userway.org/remediations/consolidated/2055530/ 864 KB
112 KB 36ms
35ms XHR
application/json 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2055530/IXD25a7qYzAOaBBz.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5cf25ad54e83f0818d642d719afc921a523d92d9d450643fd8357f62a96a8b64

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:19 GMT
via: 1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 618
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 22776
x-accel-date: 1716298963
x-77-nzt: EgwB1GY4sQH3+FgAAAwBJRPCLgH3YAgAAA
x-accel-expires: @1747832819
x-77-age: 22776
last-modified: Thu, 25 Apr 2024 19:17:37 GMT
server: CDN77-Turbo
etag: W/"54787d57725833581fb3127dea55b4ac"
x-77-nzt-ray: 1cb09c0efc756736cbfd4c66dd5eee27
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: jHqrZrcn8FFDkfNkSFR-4q0YLyc-HsCsw1YNG9GT4PwGmC-DtjxFZw==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 21ms
20ms Image
image/svg+xml 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:19 GMT
via: 1.1 0f8477062090de8d23b9985455734a32.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 127
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25567
x-accel-date: 1716296172
x-77-nzt: EgwB1GY4sQH332MAAAwBnJIhJwH3IAAAAA
x-accel-expires: @1742216140
x-77-age: 25567
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: 1cb09c0ebe71b130cbfd4c66a9f49829
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: dR6UfwXOQHO97WKgCQ0XnznOQA9KStjtqyi4Fv687GTLQBSJlmEzhw==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:19 GMT
via: 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 127
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25567
x-accel-date: 1716296172
x-77-nzt: EgwB1GY4sQH332MAAAwBJRPCLgH3IAAAAA
x-accel-expires: @1742216140
x-77-age: 25567
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 1cb09c0ebe71b130cbfd4c6616b8a529
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: ik171ShmRqmSy_C6qCFXsLEzmRoEq7kY6t2YvZfqtnh60InjoEhScw==

GET
H2 200 nid-adv-5.2.4.js Show response
scripts.neuro-id.com/ Frame C7B5 149 KB
47 KB 25ms
24ms Script
application/javascript 2600:9000:275b:ee00:19:2755:1280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.neuro-id.com/nid-adv-5.2.4.js
Requested by: Host: scripts.neuro-id.com
URL: https://scripts.neuro-id.com/c/nid-pixel520.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ee00:19:2755:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83dc56b9cd11d2a8e9324a5985639b8a680378f43eb82e8d55a4260a7a58d3cc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://id.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 19:33:55 GMT
content-encoding: gzip
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
x-amz-version-id: ckf0kqhO7dnQLBhn3jQq8qrGQSzx.nwb
x-amz-cf-pop: FRA60-P7
age: 2939305
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 47349
last-modified: Mon, 15 Apr 2024 15:59:31 GMT
server: AmazonS3
etag: "5e8e731c3340640119ae72fcff355586"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: I4r062OTP7TmUUSnAfez_VMBPOrKIuQYHGOZgNPC_9_9XzFpCRH21g==

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-05-21-12-45-17/paid/ 58 KB
21 KB 24ms
24ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-05-21-12-45-17/paid/remediation-tool.js?ts=1716295517676
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8d5861c48a576edc397b0bf2e220e3f78b6ad36213715ad6982d078856f11c0b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:20 GMT
via: 1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 399
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25564
x-accel-date: 1716296176
x-77-nzt: EgwB1GY4sQH33GMAAAwBJRPCNAH3IAAAAA
x-accel-expires: @1742216144
x-77-age: 25564
last-modified: Tue, 21 May 2024 12:47:21 GMT
server: CDN77-Turbo
etag: W/"cfa5f88254d7b736d1ff05bbbdfbfcdd"
x-77-nzt-ray: 1cb09c0efc756736ccfd4c66ec61fe01
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: j-_9kMUbL97ZIcNYgGd0iGIrRSTN32t8-etMV5NFE70CqBYXm4JoJQ==

GET
H2 200 IXD25a7qYzAOaBBz.json Show response
cdn.userway.org/remediations/consolidated/2055530/ 864 KB
0 0ms
0ms Fetch
application/json 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2055530/IXD25a7qYzAOaBBz.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5cf25ad54e83f0818d642d719afc921a523d92d9d450643fd8357f62a96a8b64

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:19 GMT
via: 1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 618
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 22776
x-accel-date: 1716298963
x-77-nzt: EgwB1GY4sQH3+FgAAAwBJRPCLgH3YAgAAA
x-accel-expires: @1747832819
x-77-age: 22776
last-modified: Thu, 25 Apr 2024 19:17:37 GMT
server: CDN77-Turbo
etag: W/"54787d57725833581fb3127dea55b4ac"
x-77-nzt-ray: 1cb09c0efc756736cbfd4c66dd5eee27
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: jHqrZrcn8FFDkfNkSFR-4q0YLyc-HsCsw1YNG9GT4PwGmC-DtjxFZw==

GET
H2 200 favicon.ico
www.biltrewards.com/ 15 KB
3 KB 29ms
29ms Other
image/vnd.microsoft.icon 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9fff2bb0ae4e7b8399d2af77253fecd38540f21fbd2e5899f1459eec325a4cca

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com *.lvh.me:3000 *.henridev.com *.henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.biltrewards.com *.doubleclick.net *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 May 2024 20:02:20 GMT
strict-transport-security: max-age=63072000
age: 1122
content-disposition: inline; filename="favicon.ico"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::2r2k6-1716321740263-834cb2b3033f
x-matched-path: /favicon.ico
etag: W/"8709c36a9447ce8f70f68b6627d2c739"
x-vercel-cache: HIT
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H2 200 de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
sync-transcend-cdn.com/consent-manager/ Frame E0BD 0
0 50ms
49ms Document
application/xhtml+xml 2606:4700::6812:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://id.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
age: 2038
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 887729dd7a86383b-FRA
content-disposition: inline
content-encoding: br
content-type: application/xhtml+xml
date: Tue, 21 May 2024 20:02:20 GMT
etag: W/"ecaabd46fc191f55321d2c2683697460"
expect-ct: max-age=86400, enforce
expires: Tue, 21 May 2024 20:03:20 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2055530 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 516ms
515ms Fetch
application/json 2600:1f14:5db:eb00:491e:9f27:4143:4c40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/2055530
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:491e:9f27:4143:4c40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:21 GMT
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 51
x-service-version: apps-ddb67952

GET
H2 200 2055530 Show response
api.userway.org/api/br-links/v0/links/ 86 B
452 B 181ms
180ms Fetch
application/json 2600:1f14:5db:eb00:491e:9f27:4143:4c40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/2055530
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:491e:9f27:4143:4c40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3f7853bd4d6086be63374d96af8f4297718ae35b74698c30e362bf43a1d888a5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:20 GMT
etag: W/"56-Q78UpHasXJc4bkSkw+leqwZtTHI"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 86
x-service-version: apps-ddb67952

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/ 203 B
759 B 24ms
23ms Fetch
application/json 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Ftvspix.com%2Ft.png%22%2C%22alt%22%3A%22%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9eb94d0e2d04f7b70c7077d41fd696e37f907326f3a8da175cd2692f58a3b0b8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:21 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
x-age: 537452
x-accel-date: 1715784289
x-service-version: img-dscr-srv-8d5b377c
x-77-nzt: EgwBw7WvDgH3bDMIAAwBnJIhHwH3R6oGAA
x-accel-expires: @1716388797
x-77-age: 537452
server: CDN77-Turbo
etag: W/"cb-VcEGOmjk6/aVZ+dPlTrcmCsXD2g"
x-77-nzt-ray: 9083393036774027cdfd4c662bb91b24
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/ Frame 0
0 714ms
645ms Preflight 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Ftvspix.com%2Ft.png%22%2C%22alt%22%3A%22%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Tue, 21 May 2024 20:02:21 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBw7WvDgAACAGckiEfAAA
x-77-nzt-ray: 9083393036774027ccfd4c662bbe4139
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-727604a1

GET
H2 200 nav_menu_helper_1716295517676.js Show response
cdn.userway.org/widgetapp/2024-05-21-12-45-17/remediation/ 23 KB
7 KB 23ms
22ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/remediation/nav_menu_helper_1716295517676.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:21 GMT
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 398
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 25562
x-accel-date: 1716296179
x-77-nzt: EgwB1GY4sQH32mMAAAwBJRPCLgH3IwAAAA
x-accel-expires: @1742216144
x-77-age: 25562
last-modified: Tue, 21 May 2024 12:47:16 GMT
server: CDN77-Turbo
etag: W/"d5babf1f477d0f7bf4044b0693b956d9"
x-77-nzt-ray: 1cb09c0efc756736cdfd4c66ba87f601
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: vvwvD6XuM4-MP-BUbs4kZWHKpiuW_4Vw6UIx1WG10wRxPSTF8DvYfQ==

GET
H2 200 /
www.facebook.com/tr/ 0
126 B 24ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353467326379958&ev=User%20properties&dl=https%3A%2F%2Fwww.biltrewards.com&rl=&if=false&ts=1716321741340&sw=1600&sh=1200&ud[external_id]=15d3e293c026d28374742492ef5f4c12c0b5695bd528bffe2d48bba5f6e7719b&v=2.9.156&r=stable&a=seg&ec=1&o=4124&fbp=fb.1.1716321739002.604039858&pm=1&hrl=a80ff7&ler=empty&cdl=API_unavailable&it=1716321738921&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1716321738526-1cb292fb-7272-4f6b-86f6-f412224c5430&tm=2&cs_cc=1&cas=5027429843991248%2C5406700332768189%2C4118934621525755%2C4076096172505397%2C4526720607360042%2C4175906249165104%2C6099185086759110&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1326, tbw=3129, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 May 2024 20:02:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/ 260 B
778 B 22ms
22ms Fetch
application/json 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fstatic.biltrewards.com%2Fassets%2Ffooter%2FAllyant_Accessibility_Badge.svg%22%2C%22alt%22%3A%22Reviewed%20by%20Allyant%20for%20accessibility%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1a01aa66114101f1f59b9496a0fa58943400ed89a7471cd23ddd01cedf7d8d1e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Tue, 21 May 2024 20:02:22 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
x-age: 88972
x-accel-date: 1716232770
x-service-version: img-dscr-srv-406c249e
x-77-nzt: EgwBw7WvDgHXjFsBAAwBJRPCLgH3VEkIAA
x-accel-expires: @1716829300
x-77-age: 88972
server: CDN77-Turbo
etag: W/"104-DKfoT6MRwLRaBuyjwx6XcPzWB3o"
x-77-nzt-ray: 9083393036774027cefd4c66b5670a06
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=604800
vary: Accept-Encoding
access-control-allow-headers: *

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/ Frame 0
0 208ms
208ms Preflight 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TlbN1PqpZB/2055530/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fstatic.biltrewards.com%2Fassets%2Ffooter%2FAllyant_Accessibility_Badge.svg%22%2C%22alt%22%3A%22Reviewed%20by%20Allyant%20for%20accessibility%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Tue, 21 May 2024 20:02:22 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBw7WvDgAACAElE8IuAAA
x-77-nzt-ray: 9083393036774027cdfd4c66b5c88536
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-727604a1

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.biltrewards.com%2F/DESKTOP/WIDGET_ON/ 77 B
455 B 196ms
195ms Fetch
application/json 2600:1f14:5db:eb00:491e:9f27:4143:4c40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.biltrewards.com%2F/DESKTOP/WIDGET_ON/status
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/4058-2f666a5796eacaaf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:491e:9f27:4143:4c40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 20:02:24 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-d8489dbc

GET
H2 204 js_tracking Show response
tags.srv.stackadapt.com/ 0
154 B 113ms
112ms XHR
text/plain 35.157.234.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.biltrewards.com%2F&uid=CLz8BddIbHunRwx9J6JGIQ&v=1&host=https%3A%2F%2Fwww.biltrewards.com
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.234.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-234-167.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.biltrewards.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Tue, 21 May 2024 20:02:28 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.redditstatic.com
URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_7lmxmkme_telemetry

Domain: conversions-config.reddit.com
URL: https://conversions-config.reddit.com/v1/pixel/error

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/p	1970-01-21 06:21:21	Name: lidid Value: c387e1cc-9004-49d4-be9d-72e035e40ea0
www.biltrewards.com/	1970-01-21 05:30:57	Name: theme Value: light
.biltrewards.com/	1970-01-20 22:54:57	Name: _gcl_au Value: 1.1.1832413212.1716321737
.mgln.ai/	1970-01-20 22:11:45	Name: arc_id Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkltWmtNVGt3TWpaaUxXRm1OemN0TkRJNE5DMWlaREF5TFdSaE1qZzVORGd4WlRsaFpDST0iLCJleHAiOiIyMDI0LTA3LTIwVDIwOjAyOjE3LjUyOFoiLCJwdXIiOiJjb29raWUuYXJjX2lkIn19--25616f9599d271da8900ff442f9b6dbd6eabc503
tags.srv.stackadapt.com/	1970-01-21 05:30:57	Name: sa-user-id Value: s%3A0-13bff1a0-a01e-5a5a-7e29-c3c018bc9ae7.iZ7mpvQE9CEeG37lYW7y%2BsdFBjhtOCtH17HrcYGGyU4
.srv.stackadapt.com/	1970-01-21 05:30:57	Name: sa-user-id Value: s%3A0-13bff1a0-a01e-5a5a-7e29-c3c018bc9ae7.iZ7mpvQE9CEeG37lYW7y%2BsdFBjhtOCtH17HrcYGGyU4
tags.srv.stackadapt.com/	1970-01-21 05:30:57	Name: sa-user-id-v2 Value: s%3AE7_xoKAeWlp-KcPAGLya59ly14M.QB9YztoNAJUU6crgxHm7zlzM%2BuAJ%2Feblk1adWAk5QtE
.srv.stackadapt.com/	1970-01-21 05:30:57	Name: sa-user-id-v2 Value: s%3AE7_xoKAeWlp-KcPAGLya59ly14M.QB9YztoNAJUU6crgxHm7zlzM%2BuAJ%2Feblk1adWAk5QtE
tags.srv.stackadapt.com/	1970-01-21 05:30:57	Name: sa-user-id-v3 Value: s%3AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptEHwYBCDJ-7OyBjABOgS9M-cxQgSSTuJ6.1tN15c9UHgm67PNQ351Os%2FrkEWx%2B1GU%2Fx0fbulHijL4
.srv.stackadapt.com/	1970-01-21 05:30:57	Name: sa-user-id-v3 Value: s%3AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptEHwYBCDJ-7OyBjABOgS9M-cxQgSSTuJ6.1tN15c9UHgm67PNQ351Os%2FrkEWx%2B1GU%2Fx0fbulHijL4
.tiktok.com/	1970-01-21 06:06:57	Name: _ttp Value: 2gn7xuqvvenuLMwtYQfbSslH6zf
.tapad.com/	1970-01-20 22:11:45	Name: TapAd_TS Value: 1716321738008
.tapad.com/	1970-01-20 22:11:45	Name: TapAd_DID Value: 3af2a101-753b-48ea-be89-6ce6fd205c9a
.tapad.com/	1970-01-20 22:11:45	Name: TapAd_3WAY_SYNCS Value:
.biltrewards.com/	1970-01-21 06:21:21	Name: _ga_QLSYZKSM0E Value: GS1.1.1716321738.1.0.1716321738.0.0.0
.biltrewards.com/	1970-01-21 06:21:21	Name: _ga Value: GA1.1.350475638.1716321738
.biltrewards.com/	1970-01-20 22:54:57	Name: _rdt_uuid Value: 1716321738193.db8be8c7-7dc7-4430-be2b-878f36db928c
.biltrewards.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .biltrewards.com
.biltrewards.com/	1970-01-21 06:21:21	Name: _lc2_fpi Value: 05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x
.biltrewards.com/	1970-01-21 06:21:21	Name: _lc2_fpi_meta Value: {%22w%22:1716321738209}
www.biltrewards.com/	1970-01-21 05:30:57	Name: sa-user-id Value: s%253A0-13bff1a0-a01e-5a5a-7e29-c3c018bc9ae7.iZ7mpvQE9CEeG37lYW7y%252BsdFBjhtOCtH17HrcYGGyU4
www.biltrewards.com/	1970-01-21 05:30:57	Name: sa-user-id-v2 Value: s%253AE7_xoKAeWlp-KcPAGLya59ly14M.QB9YztoNAJUU6crgxHm7zlzM%252BuAJ%252Feblk1adWAk5QtE
www.biltrewards.com/	1970-01-21 05:30:57	Name: sa-user-id-v3 Value: s%253AAQAKIHA3H2EEmQtKCcneGn8odvHKBl4NWP20rZid3RNg5kptEHwYBCDJ-7OyBjABOgS9M-cxQgSSTuJ6.1tN15c9UHgm67PNQ351Os%252FrkEWx%252B1GU%252Fx0fbulHijL4
.biltrewards.com/	1970-01-21 05:30:57	Name: ajs_anonymous_id Value: b292fb72-72ff-4bc6-b6f4-12224c54301a
id.biltrewards.com/	1970-01-21 05:30:57	Name: theme Value: light
.biltrewards.com/	1970-01-21 06:06:57	Name: _tt_enable_cookie Value: 1
.biltrewards.com/	1970-01-21 06:06:57	Name: _ttp Value: Zfog2NxhCqHrc0c2vPJK82jJ1a4
.liadm.com/	1970-01-21 06:21:21	Name: lidid Value: c387e1cc-9004-49d4-be9d-72e035e40ea0
.biltrewards.com/	1970-01-20 22:54:57	Name: _fbp Value: fb.1.1716321739002.604039858
.doubleclick.net/	1970-01-20 20:45:22	Name: test_cookie Value: CheckForPermission
.clerk.decagon.ai/	1970-01-20 20:45:23	Name: __cf_bm Value: GETT390.9rr1ogOE7LwK6_RBFBQo64NeGe8TYvTrRV8-1716321740-1.0.1.1-2NuAU24FLErDSLd9s9GexAq7Qx4VSziJo48Ebs2PvMvMyQuggFJ325_aPI95PMSsu1FZUiSrP3EZiPqOtd4GRg
.clerk.decagon.ai/	1969-12-31 23:59:59	Name: _cfuvid Value: IjAjtKu5lpnwORB2vJwLIlPmgkf_PVN8kT99UlXmsUg-1716321740238-0.0.1.1-604800000

86 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.biltrewards.com/ Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://www.biltrewards.com/_next/static/chunks/0a08d48a-2ea4280064791d1b.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://id.biltrewards.com/fsedge/s/fs.js(Line 3) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://id.biltrewards.com/fsedge/s/fs.js(Line 3) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
network	error	URL: https://id.biltrewards.com/public/user/authentication/token Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.biltrewards.com/?_rsc=1wlmf Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js(Line 543) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js Message: Refused to connect to 'https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_7lmxmkme_telemetry' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/_next/static/chunks/8609-c38f194d114c796b.js Message: Refused to connect to 'https://conversions-config.reddit.com/v1/pixel/error' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
security	error	URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js(Line 433) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js(Line 433) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.biltrewards.com/terms/bilt-platform-terms-of-use?_rsc=1wlmf Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.biltrewards.com/terms?_rsc=1wlmf Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://connect.facebook.net/signals/config/353467326379958?v=2.9.156&r=stable&domain=www.biltrewards.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 82) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://decagon.ai/loaders/bilt.js(Line 46) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js(Line 4) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hyebyqf1m7d9aykp60b2cm0x&aid=b-00ri&cd=.biltrewards.com&dtstmp=1716321738475&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOmQ1ODU6MTIxYjoxZmM4&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js(Line 3) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
security	error	URL: https://cdn.userway.org/widgetapp/2024-05-21-12-45-17/widget_app_base_1716295517676.js(Line 3) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.henrihome.com'
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com .lvh.me:3000 .henridev.com .henrihome.com * .henrihome.com ; frame-src 'self' development-knotapi.vercel.app cardswitcher.knotapi.com .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .biltrewards.com .doubleclick.net .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io browser.sentry-cdn.com cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com .biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.tiktok.com
api.segment.io
api.userway.org
b-code.liadm.com
bilt.page
cdn.deviceinf.com
cdn.mgln.ai
cdn.plaid.com
cdn.segment.com
cdn.userway.org
cdn77.api.userway.org
connect.facebook.net
conversions-config.reddit.com
decagon.ai
eu.mgln.ai
events.framer.com
flags.biltrewards.com
framerusercontent.com
googleads.g.doubleclick.net
id.biltrewards.com
mgln.ai
o441793.ingest.sentry.io
pixel.tapad.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
scripts.neuro-id.com
static.biltrewards.com
sync-transcend-cdn.com
tags.srv.stackadapt.com
transcend-cdn.com
tvspix.com
vitals.vercel-insights.com
www.biltrewards.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www2.biltrewards.com
conversions-config.reddit.com
rp4.liadm.com
www.redditstatic.com
13.32.110.73
13.33.187.92
142.250.185.130
151.101.129.140
18.203.30.8
2001:4860:4802:32::36
23.198.214.69
2600:1f14:5db:eb00:491e:9f27:4143:4c40
2600:1f18:730:b140:bf62:c882:cbf7:ea10
2600:9000:2090:e800:8:8845:1500:93a1
2600:9000:21c7:9a00:d:ada1:a280:93a1
2600:9000:275b:ee00:19:2755:1280:93a1
2606:4700:20::681a:3b4
2606:4700:20::ac43:484f
2606:4700:3035::6815:1a90
2606:4700:3108::ac42:28c4
2606:4700::6812:6f8
2a00:1450:4001:801::2002
2a00:1450:4001:812::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a02:6ea0:c700::10
2a02:6ea0:c700::21
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::396
3.87.104.207
34.110.183.245
34.111.113.62
34.117.79.164
34.120.195.249
34.160.241.76
35.155.246.37
35.157.234.167
35.241.5.91
52.223.52.2
52.39.83.198
76.76.21.142
76.76.21.21
99.86.8.175
01f0e7ce17811d478287a5fd73ca4f82c24c94410b1b5df90537d395ff4cf41b
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa
07a1fad3689e8ffddb90e3ff01080c3579d6dbcf239166ea370c4a7582302e8c
08a3938cb627d9c510cb612fa8183cc339b4efc1f11d141c86561d481d16bbed
0a1997286898b43d87fe93530af27762ec3aecd1e4165a63f6cfc65cabbac48f
0a2ee8b099b0c80d0eada0953ad1225481e99803316fa8e0eb1cf297f5e700c3
0ca8160a692d2ede5ba928e6b91500ca2e3b41bce9f4da9ac974b7df22f03cfb
0d114f64e39bf25e2d452e0400803b5cb7ab5d299cdee93b06d9c936eadbdccd
0d77c0ca71f84e8e1b82911c1c6e7ba7b5c192b1ce10bce9a8db97e08139e688
0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e
0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf
10bd3d0e3bef262fe02d35fa3c3153a291e8d8c88625ef4c23882006270f76e2
12ce72c5dd8a160d24d631751a8cac946705951d40e2138443784332c1fb4bc1
12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14196431302464b67035d3be26eb7dfb3b18e4d638a369d5ed6b4d4ebb4177b7
1462a6870c6180f472f6a9740ab8e38dee1bc0c467871e1e32e433806320b4a2
14ce4e2c8340c041c53de976a7b371785493e98fa84f57957f9a92e7a8046e67
16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d
188768601044fa9d36f7e8318b53e650a64fb03b28c2b04eb8b99facdadce63e
193f70e3ef4fb576a502cd67546306e9ec798eb04db2cbb8f42e19b719f75fe4
1a01aa66114101f1f59b9496a0fa58943400ed89a7471cd23ddd01cedf7d8d1e
1c8a4c256a82803e29912062ede9e76a92c20d4afbcdeaddce82ba13e4f7c484
1d6ec88f567df6145ff31cc4f634d8c576965b5572838f97f9de77af6c3d3239
1ecd5d344ae4c926245b979627331aadcd187f99ad0f520bf3b5046d13194400
1edfef02c49e122736547dcac761d0e9462bff61547af5d22de4129db7bbf814
1f87a6a1e17e3c94df2b142ae4fc42836b657bba1395405578885b85b865aca0
200981091b738ff3174a11acbbed1e6dc8c2d1f6ff5003b089f93831b70554c7
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
224ba832aea3503a168a0d85c38220a7c06bd3b879616fe83f9bc5634855a532
2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b
2f1628913a0a1a387648ef458aafc13fb54f2cbc9eb9300e3cf127e1b3d638dc
2f560ce04e19b164e9b17542b096867c6d129fd4c7a2f6124aaba50eee6d37f4
347d65af0845c599dea63f5680c66797775d770dbf0733630c34a37fb1c08319
351ec7eaa47a100223c28f83fcc130fcc711cd585cffcb2e5a13c7aa8c7797e0
36fe8d60c96300f39cef881c83445907bb7a1d0f00b71ffaf38916bc08f99585
3a61375e44fd14535935364ba62f844371eb9fb77ad0e4437720086719fa0da7
3b537133714165e6b109ed33bcf437a891c02cc3b0c62a56a5a3e4e7d14f81ac
3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342
3e12cb695307b2703bce81c01aaeaf24cf0aa0602c8307458ea4f117719fb6ac
3f7853bd4d6086be63374d96af8f4297718ae35b74698c30e362bf43a1d888a5
4242cb0d811aa58c2c1346e393e3f32eabeea6a8b111505ba9d455c519af0a97
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ccd0c0f3d7a88ddbae1648ae059a9e2a52540e691a7af0df30e4d3b2292bbc
45c345166436583f0abd394d710d9eeaa329108cdd1a3f09556192d38227cf54
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
48f05f5cda5a40c726077f971c6381185ad2490b89cf1aa204049fb47427145b
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4b0bb6d8a058a42f5caa03df8bb35b72fed5a1987f6e10602ceb384ddb10d41a
4d30600a865d49c31ee9a2f18bbd955840b72f3d5eee2d3394fda371e9ee270e
4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
4f0723c4f61bf24d6caa0f3c88c0ff696d701fdcc002882e75d3849b147c36eb
4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c
4fd7bdd78f1e54f45a4a21f57679cb6fdf3aee47a8d71dd8852a4193eb9c4b60
500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3
52dcb3d5f761764b3c62050ef7a14d1680fe9af272212e1e3f54a0bb938e20a4
52ea1136d79c3a7ebe4f345fdec565e4bac855aeb6ae4dafb54b7b7f29edb881
54fa695dcb5948cc6327d4992d79a37da343811db6286e569ed6e3cb0cbe8f54
559fc6f9f8dcf6e1770482ea27fc2155e8809213e72254a17735d66b7f436fc3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5733d9bc8e680afc43dd30cafe37543fd63da220a1472c63c126a43896d29247
577c26306c4f8b78967bc49027d3dfc18775fb96e2868c60cee8f98bd0d161f2
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b
5b4fdc71b907c8b40b093cffa977415257b82282d0fb32448e1306f030d64345
5b532e53a76170e8abd917548fc51d1d34916dfb4b36511b33aeb15d635a6cef
5bd9875da9ad66936a2bec098573f0e79ec0dce734c5c9fd34ce0fbba3f7b6d5
5cc361182ae73a5bfc6c5aceb81f1f7980b4f21131755526d4ba24cf9d468d63
5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071
5cf25ad54e83f0818d642d719afc921a523d92d9d450643fd8357f62a96a8b64
5cfedefb95154ab787f29ec754d293534271a0fb6cb774a8557c85e738765098
5d9df2764c7d56ded13faf14e7235e19ae3232be0f54e8ddd60ed76e6339f3af
5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485
5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312
60105af233511f41879808ac3f5450f22a255086344cd02aa483f0077eb92e63
60f03b58dea95b57b6bbea35103461ee20cd93825bec85c30fb36e0c37c4fdad
6162a259efcc903ece88a8301a46b44e3a77c220b3752c01eb02caa0af358870
6266e044e9d67f5e08c39dec30aeb2c9ffc3dbf6c837a6f60da52b050b474794
64ee05b98a022eb8e7c5f531342a77e8265378f08c4665c90e0b0ca953373b10
65b1970ad0056e9f872f541b8684eaac58af3f4e6af9e8cc46dbba0547aa12f4
6a3c77088d19884e2cb7401a2e9972e357ebb263d905e098014220aeed999815
6a80765e705635ab8f3f4ca137d925f2958a21147effb88c80e3b9e300ff9129
6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5
6c7105dd948f39cf942552d784adc2784ae2ab999863706fd3f79ec370906ea5
6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e
709706dfb7e22c6e5ca984f873db12456005a948623716f0d122e4fff48e2be0
76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2
7705cfa1c0bc05d67afd1b2d5abf64186b6139905917b0b5864fc247312383fa
770c4939f53c96cccac5b0e25ed133940e3d731cfd7c6567e3415e4fa6f66002
7746ece790029046b24f2a25796fcaa152efe875c7a8641358088ba857e53157
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
7dc3e5fd5e17851f95608e44439d2d39c569b2faf640fd4e9d592ff64c781e60
7fcb5ce28fc78270827a658038cdbd41ccfd7046c1e2a5722c745f6a41fbcb56
83aabe649060a7e2ae2d90805d2e69bfcb75b54156056654bea6e44ef5487d72
83dc56b9cd11d2a8e9324a5985639b8a680378f43eb82e8d55a4260a7a58d3cc
8422db24abe569163240a916eec839ae5101a26b8da874892fcf8c63b8d2a847
85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f
8875d22c2bc4d96ced9745df19c868a2c2e743efb257a631d4e364194a892922
8998554ffd85437ff7bfae81b2e94983f09986380d574117bb234ba6240f7bee
8ab7073e016757e65f74fbb04d82d1f3ccd543a6bef4b0191fb5e9c1cfe88db8
8b7931364d5910c545b4b665ecf4a4399ca1aaf0591f18b6030d083da15f1aef
8c1a0ce4d216e8ebccf87693a96b6cddf4f7d72cdfe4d87c1dea22e9b5591e51
8d5861c48a576edc397b0bf2e220e3f78b6ad36213715ad6982d078856f11c0b
8e8aeadc29c7a5c988fd6d12f6e2ab09da8e7c266eb92662c88e5485f7ca6a54
8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783
9164300fd0eeac414cbba5c13af67cecac3685ffc4fa1f18e582056d46490487
9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2
924a4b7cab4405894581d0207eaf020e73124a60d105d56d1a283daa4205f1dc
951900191b053b32fb1214b291f547f746c400c2c6c77e5b58165d89eb3d9fbc
990fba98068c77b0616f1d04a1df3ae1e0b6a0fe19809beb34864ab99044ba78
9a5fac4171ae0fa4e6253a625c99f72b75949f1ebde08b51108f26923d51be43
9dd316606967a03abedcf35c83300f9763241b13a2066f67dabff0573def70e5
9e16d83a2c1724e2cbfd819c46e35e26b7911de8678342fc0d6a00e277764306
9eb94d0e2d04f7b70c7077d41fd696e37f907326f3a8da175cd2692f58a3b0b8
9fff2bb0ae4e7b8399d2af77253fecd38540f21fbd2e5899f1459eec325a4cca
a0184ec3f0f6a21d28cb900fbfc2862474a271ce5b5d1e1b0fb8c278248b3637
a05264144271a335fb2ba344835479c8b97cca952f010b9cb8c2d3917abfa50c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd919cb7b76ee7984bd8107f188d4fd04281690c50fcf0359503c3961be961
a2d036f3418706629ba2297c561475f073479962d9a21973edab57c1057e738b
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a4769ff3be117c3c39b1aa56ca1a5cf3f26339c13a2ea08b19606209e11d42a8
a6719d408c68a76e7ecc129a8ca95660269e04939e056d23abbddded90bf8e3a
a6c1c849c5889226e5d9dffe2e3c2f551203e54c7ad9e7824b91dd8e4b94bdce
a8d40be55ed211fc9b3ebbda1ba39c148b61d48b780da684f41cdcc74ca05477
a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633
ab32bc58349446cd3c8761af45640b13ed01073a6553e5779a9b03852d591ca4
abdf037aa453598950fd6c0270bbe1336c52cf932b3282c6f7a28ed8b5119167
ad0adb1d3ab2b667ef89e1a870135beed6c178b514d94e5a17c140d109a6b052
ae3cd625206f3b22398ce3e5ffcc22c2a6ff95a535e7c4addbfb7e7e2d146ace
af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec
b02546b57554da630a4827a7755b1f72d22374513f811dc0590ebe942758cbfa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b220223a8800d05dc359ab6bd8cb71e35cf06dde9bedc2f5d9014df3b1e4e1ac
b27e2ff6dcd76549f2f66acf69dbcc8a5dcc53af127a14ac4e5d33adcd18cde7
b381cb2f2f22e64a9c15c5f42a9bca3a9c97fc548573029977cf70f6ec547283
b3c75117c4b6621b601ca349845c3cd5f55d09c44905cffaddc725dabb82e17d
b433def12ac46677cffd4e29fc9111ba8fcbab5ccc494b20d70451b0a6bca436
b5701c4d14b0fc7c3b9376cb94170a68ec73407bd51f1fe168430e37fec2b32e
b758c20d70f6b20fa85f31c23b9dea1ad5551a1cfd9ed56485c63cc592b2a15b
b7b8ac25904dcb445701b5d1efa127727723d8d9e7f440457f12ca5d3b26c9b5
bb86d91e3b389c31862f4b8bf4751da190f0cf386e9c1af4b193fb7f36754733
bcf6db8e2b32f2b799eea191434b4090cbb642ee936fd8c169ac7979d69b7b51
be575da13139662c6322fa3d100cda159a93f55517aff329b03db8f5e1a721a8
bf7097003d613081cff11d5910e48e56f7151c71265665e078054f45bccb2097
c019d325c62069c72d33abc71f656af0450f288fffe69a2608240b9126966c99
c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c
c142fc30fa0a276a0261c12ac2eb4a7c09a46689c7d468cd40cf14e8877cb1a9
c2e98063ea80a7ed83a8a81c0d2622080ffb47eea79857cd75b0f09705209c31
c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5b3b178dc8df3767511096744a36ee3edcee7ed62be5f8504244e6b70cf7398
ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d
cabadde351faaef576e9bea2b85cb40594e63eada1640633c7cc8c75a1b4c3fb
cb5af3540ca60d5b611ff32706a636ed017b8b94ff154cec81b1a6144def5b7d
cc05f6874071cc404007806efb2cfedefe4b82aca5469dfaf9c5cc3720d91347
cd47392e7c18f91513bb643bc7e815e234454f858240245b5172541cecb913e7
cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76
d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31
d11b7c69cef043660a87ba8e09946e83b7559a7202805e217d4ab03a56442298
d2086fef391221a13d759836370ef5bae70c15e1389eb6504dc3a31c987e0a88
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d3f5959fff3e61a5601ec4be106ee10515443a2ee8bdef22138d69836080d896
d5781b6843de18ff323984b25323f02a17ccbd6d984ea170e8f0f290272031bb
d5d57d912d1e17d9db264a07b64a6a3ed4265303e1d73c542ec3cc2d1ef672c1
d7cfeb1fa51c53311474aa19d8120f0d963555765dce3958cfc3b4ec3863414d
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
d9330d7b5ed5d855dcee44b5e5bc3fddbe4b3a42d1e574096727442eb1b89ad6
da70c773cd3a8d489bad7c03fb89b63053843aa52c0545749df089a08e64f78f
db8dee9ad499fb9b623de94c004b284d5529c842c2822340d4ad2f2f8f44968c
db9c28d70f03728ad94c11d34cea446ed992aaa6167344d3eb362379f7fdaaf0
dc2039eaa8cdec894f2d425e26ac4233e0bc86f4591185097efb4b79a659f083
dc36791a319faca1216172316a62bec25a815789c703e22ca883a6754d60b69c
dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8
dd01382dbc936e089c3f9a5c22a9f0a06c90dc722330c8b5e92a68fb9ad229ff
dee84f70b223c706aee2e8509f8a16a3c99d5a3dcd1fa440d0417db8d6ee1792
dfff3a1130306704612579a8d17745d444271bec22685969eb5b560aeb15f4b1
e310d272bb05b8caa31f4ec6de5437bfbd04800535c9069fa58550a911612ec8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99
e87381db0061a8a04fd758811bef1906a0f760d8de5bbde1c25f7a7bccdf7f6e
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ea9ed2f612e41fcd700060fad5eff94165c56fb549e6334173177b4a540a5a9d
eb1ffeccaf95fde9ecf145e4ea93852a46e7d42b04d38ec858b891c5f6dfd8fd
ecb6a4d933a00cfe52f85667db28eda1780e587a99b82356d51da319d6393b1a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff87b0205e1ebe55ca731239b15df7b48583b9015ce78cb50a886a97e8b1be8
f03d0fbdbdf2e128b8c2863a59b42688afbaea2bdc8e366d7257a7fd6b31d631
f0426d6e42814a54789172a2bc0b9cc8125833158d0a036078c347a3ad5ff3c2
f0e7dc03337a25fbc965d96a9cc493b925907a56c6cbaedca91dcb22237a6791
f20718ca51aea7b5bd511449b7a3ffc49978f7f57999dd7c6a0408e807f00d01
f451ccd1b82076cdf339b4c512eb3363a898c580776fe8e2a4242ffea352b4a1
f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524
f87a3392313500de980b01445d72f2f7e95bc0d26d5f938bb2f1a7ab569caf98
fa10a41a8fd89e1784da2ae09f9d4f1cee48e98161e3ab35ec20cd9e2d9fba47
fa7e514331c85e2bff2ab629fc901146eaec70a8fbfd84ee6dc9242dbb9d0030
fbea2ed7b96532635f4d8f3667f0237e3fe72dabbdbb2f191b8e828e29945e6b
ff54e9b2209db7e90df95ee8523a1176d4c14d06b413cc817dfbbda6d64a03e1
ff65c7581b6b14184d2d6ab9ebe9416b06fcbb86c3a7a32ca30b3bc7871256a4

www.biltrewards.com Open in urlscan Pro 76.76.21.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

313 Requests

97 %HTTPS

51 %IPv6

32 Domains

43 Subdomains

39 IPs

3 Countries

5210 kBTransfer

20268 kBSize

32 Cookies

12 Outgoing links

Page URL History

Redirected requests

313 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.biltrewards.com Open in urlscan Pro
76.76.21.142 Public Scan

Screenshot
Live screenshot

Full Image

313
Requests

97 %
HTTPS

51 %
IPv6

32
Domains

43
Subdomains

39
IPs

3
Countries

5210 kB
Transfer

20268 kB
Size

32
Cookies

313 HTTP transactions
16 data transactions