urlscan.io logo urlscan.io
SecurityTrails logo

www.rewardsgenius.com Open in urlscan Pro
35.225.19.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Submission: On April 27 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 3 countries across 28 domains to perform 90 HTTP transactions. The main IP is 35.225.19.108, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.rewardsgenius.com.
TLS certificate: Issued by R3 on April 27th 2022. Valid for: 3 months.
This is the only time www.rewardsgenius.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 35.225.19.108 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.111.232.231 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
10 143.204.202.51 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.130.133 54113 (FASTLY)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 142.250.186.66 15169 (GOOGLE)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2620:1ec:22::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.65.116 16509 (AMAZON-02)
1 65.9.68.22 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 35.71.131.137 16509 (AMAZON-02)
2 2 65.9.68.46 16509 (AMAZON-02)
2 3.208.219.241 14618 (AMAZON-AES)
1 143.204.202.112 16509 (AMAZON-02)
11 65.9.68.12 16509 (AMAZON-02)
1 1 99.86.7.121 16509 (AMAZON-02)
3 99.86.7.122 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.195.249 15169 (GOOGLE)
1 35.188.42.15 ()
90 34
18    35.225.19.108 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 108.19.225.35.bc.googleusercontent.com
www.rewardsgenius.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    104.111.232.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-231.deploy.static.akamaitechnologies.com
cloud.typography.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    143.204.202.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-51.fra53.r.cloudfront.net
static.ada.support
2    2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.getambassador.com
2    2a02:26f0:3500:7::17d8:4dca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net
js.adsrvr.org
1    65.9.68.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-22.fra56.r.cloudfront.net
vidassets.terminus.services
1    2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    65.9.68.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-46.fra56.r.cloudfront.net
wec-assets.terminus.services
2    3.208.219.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-219-241.compute-1.amazonaws.com
wec-assets-api.terminus.services
1    143.204.202.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-112.fra53.r.cloudfront.net
rollout.ada.support
11    65.9.68.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-12.fra56.r.cloudfront.net
tangocard.ada.support
1    99.86.7.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-121.fra6.r.cloudfront.net
widget.intercom.io
3    99.86.7.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-122.fra6.r.cloudfront.net
js.intercomcdn.com
1    2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
forms.hubspot.com
1    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o38990.ingest.sentry.io
1    35.188.42.15 (None, )

ASN- ()
sentry.io
Apex Domain
Subdomains		 Transfer
22 ada.support
static.ada.support — Cisco Umbrella Rank: 2425
rollout.ada.support — Cisco Umbrella Rank: 2848
tangocard.ada.support — Cisco Umbrella Rank: 401085
777 KB
18 rewardsgenius.com
www.rewardsgenius.com
1 MB
5 terminus.services
vidassets.terminus.services — Cisco Umbrella Rank: 12303
wec-assets.terminus.services — Cisco Umbrella Rank: 13028
wec-assets-api.terminus.services — Cisco Umbrella Rank: 12660
12 KB
4 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1393
match.adsrvr.org — Cisco Umbrella Rank: 325
insight.adsrvr.org — Cisco Umbrella Rank: 529
6 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 382
www.linkedin.com — Cisco Umbrella Rank: 585
px4.ads.linkedin.com — Cisco Umbrella Rank: 4726
3 KB
4 google.com
apis.google.com — Cisco Umbrella Rank: 91
www.google.com — Cisco Umbrella Rank: 2
21 KB
3 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2082
forms.hubspot.com — Cisco Umbrella Rank: 2965
3 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2121
131 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6408
719 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 71
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
174 KB
2 sentry.io
o38990.ingest.sentry.io — Cisco Umbrella Rank: 355755
sentry.io
659 B
2 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4368
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 747
7 KB
2 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6224
290 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2113
2 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3320
936 B
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2096
248 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
30 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 3880
87 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 2979
3 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 1948
16 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 1944
20 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
15 KB
1 getambassador.com
cdn.getambassador.com — Cisco Umbrella Rank: 39090
100 KB
1 typography.com
cloud.typography.com — Cisco Umbrella Rank: 5118
278 B
0 pusher.com Failed
stats.pusher.com Failed
90 28
Domain Requested by
18 www.rewardsgenius.com 1 redirects www.rewardsgenius.com
11 tangocard.ada.support static.ada.support
tangocard.ada.support
10 static.ada.support www.rewardsgenius.com
static.ada.support
tangocard.ada.support
3 js.intercomcdn.com widget.intercom.io
3 www.google.de www.rewardsgenius.com
3 www.google.com www.rewardsgenius.com
3 www.googletagmanager.com www.rewardsgenius.com
js.hsadspixel.net
2 track.hubspot.com
2 wec-assets-api.terminus.services www.rewardsgenius.com
2 wec-assets.terminus.services 2 redirects
2 match.adsrvr.org 2 redirects
2 forms.hsforms.com js.hsforms.net
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 px.ads.linkedin.com 2 redirects
2 snap.licdn.com www.rewardsgenius.com
js.hsadspixel.net
2 js.hsforms.net www.rewardsgenius.com
js.hsforms.net
2 js.hs-scripts.com www.rewardsgenius.com
www.googletagmanager.com
1 sentry.io static.ada.support
1 o38990.ingest.sentry.io www.rewardsgenius.com
1 forms.hubspot.com js.hsleadflows.net
1 insight.adsrvr.org js.adsrvr.org
1 api.hubapi.com js.hsadspixel.net
1 widget.intercom.io 1 redirects
1 rollout.ada.support static.ada.support
1 cdn.jsdelivr.net cdn.getambassador.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 vidassets.terminus.services www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 px4.ads.linkedin.com www.rewardsgenius.com
1 www.linkedin.com 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 cdn.getambassador.com www.rewardsgenius.com
1 cloud.typography.com www.rewardsgenius.com
1 apis.google.com www.rewardsgenius.com
0 stats.pusher.com Failed static.ada.support
90 40
Subject Issuer Validity Valid
www.rewardsgenius.com
R3		 2022-04-27 -
2022-07-26		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.typography.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.ada.support
Amazon		 2022-01-31 -
2023-02-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.getambassador.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-11 -
2023-04-11		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.terminus.services
Amazon		 2021-11-16 -
2022-12-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.ingest.sentry.io
R3		 2022-04-22 -
2022-07-21		 3 months crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh

This page contains 9 frames:

Primary Page: https://www.rewardsgenius.com/reward-link-terms-of-service/
Frame ID: E49602172A5649B50878E974BA6BF0C2
Requests: 61 HTTP requests in this frame

Frame: https://tangocard.ada.support/embed/modern/x-storage/63f5979/index.html
Frame ID: A7E53DF83636D5DD3146FEDEE0E7F4F7
Requests: 3 HTTP requests in this frame

Frame: https://tangocard.ada.support/embed/modern/button/63f5979/index.html
Frame ID: 891DC18E70798B494638F6657178F61B
Requests: 5 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js?ver=8.9.22
Frame ID: 5CFFD90FD74B59A1BD0B5EF4D2BF76A0
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mtoqfyn&ref=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&upid=ejgjzl9&upv=1.1.0
Frame ID: BA7E7696FFA2F1F1A52C3717D48A746B
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.541d90ea.js
Frame ID: 062A8BEE4989CDB09407D3A5D0B726F1
Requests: 2 HTTP requests in this frame

Frame: https://tangocard.ada.support/chat/?embedVersion=63f5979&skipGreeting=true&introShown=false&embed2=1&align=right
Frame ID: 046088D8B71FABC644BA54D85E03B1E1
Requests: 15 HTTP requests in this frame

Frame: https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580
Frame ID: 802E95182EF32E030512EC0D3C2683A6
Requests: 1 HTTP requests in this frame

Frame: https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580
Frame ID: 75BB041F23FAB51E61A6006A9F452239
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

reward-link-terms-of-service - Rewards Genius

Page URL History Show full URLs

  1. https://www.rewardsgenius.com/reward-link-terms-of-service HTTP 301
    https://www.rewardsgenius.com/reward-link-terms-of-service/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • <meta[^>]*google-signin-scope
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • /fingerprintjs@(\d)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

90
Requests

90 %
HTTPS

54 %
IPv6

28
Domains

40
Subdomains

34
IPs

3
Countries

2814 kB
Transfer

10304 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.rewardsgenius.com/reward-link-terms-of-service HTTP 301
    https://www.rewardsgenius.com/reward-link-terms-of-service/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=43293&time=1651095336226&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D43293%26time%3D1651095336226%26url%3Dhttps%253A%252F%252Fwww.rewardsgenius.com%252Freward-link-terms-of-service%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=43293&time=1651095336226&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=43293&time=1651095336226&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&liSync=true&e_ipv6=AQJZ_RW7UEzjxwAAAYBs83e8xYDlsxiKYkTXmCrzDGa1s5vVH_YNoIZkEoy-1viqWuVM957iUL2z970-pRqW6ew3G29sRg
Request Chain 46
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=fc577253-19b7-4ff9-86a3-135d2e8d8758|560e077a-1de9-4c88-be1c-162aa8402201 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=fc577253-19b7-4ff9-86a3-135d2e8d8758|560e077a-1de9-4c88-be1c-162aa8402201 HTTP 302
  • https://wec-assets.terminus.services/s.gif?d=fc577253-19b7-4ff9-86a3-135d2e8d8758|560e077a-1de9-4c88-be1c-162aa8402201&t=4706aba4-93d2-44e3-a140-c3c7c83cdd75 HTTP 301
  • https://wec-assets-api.terminus.services/v1/s.gif
Request Chain 47
  • https://wec-assets.terminus.services/fc577253-19b7-4ff9-86a3-135d2e8d8758/t.gif?d=560e077a-1de9-4c88-be1c-162aa8402201&s=c8f71520-f391-4f4c-a4f6-fd6113d2d155&p=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&cb=1651095336545&t=reward-link-terms-of-service%20-%20Rewards%20Genius&r=&e=page_viewed&u=62f5904d-1caa-4284-8e2c-7c90d3f3d7cf-1651095336545 HTTP 301
  • https://wec-assets-api.terminus.services/v1/fc577253-19b7-4ff9-86a3-135d2e8d8758/t.gif
Request Chain 59
  • https://widget.intercom.io/widget/ HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rewardsgenius.com/reward-link-terms-of-service/
Redirect Chain
  • https://www.rewardsgenius.com/reward-link-terms-of-service
  • https://www.rewardsgenius.com/reward-link-terms-of-service/
71 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
647de75d030891095910a5755715f4d50c4fd15c7d4d82bee3e5a811fde5eb2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
16788
content-type
text/html; charset=UTF-8
date
Wed, 27 Apr 2022 21:35:35 GMT
link
<https://www.rewardsgenius.com/wp-json/>; rel="https://api.w.org/" <https://www.rewardsgenius.com/wp-json/wp/v2/pages/1737>; rel="alternate"; type="application/json" <https://www.rewardsgenius.com/?p=1737>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-pass-why
custom-path
x-powered-by
WP Engine

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 27 Apr 2022 21:35:35 GMT
location
https://www.rewardsgenius.com/reward-link-terms-of-service/
server
nginx
x-pass-why
custom-path
x-powered-by
WP Engine
x-redirect-by
WordPress
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js?onLoad=renderButton
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Wed, 27 Apr 2022 21:35:35 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"2cdff035295781be"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 21:35:35 GMT
fonts.css
cloud.typography.com/6662396/6645612/css/ 		17 B
278 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.typography.com/6662396/6645612/css/fonts.css
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.232.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-232-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 21:35:35 GMT
Server
AkamaiNetStorage
ETag
"f130fd70bd4cfa88cacd6d9b4c8c0f19:1631413901.070362"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
17
style.min.css
www.rewardsgenius.com/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:35 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:20 GMT
server
nginx
etag
W/"626714cc-145db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
ubermenu.min.css
www.rewardsgenius.com/wp-content/plugins/ubermenu/pro/assets/css/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.4.0.1
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
64787a487aefe267b6511333118bc25d19b0387ccc121014949d254391d56395

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:35 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:26 GMT
server
nginx
etag
W/"626714d2-c693"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
minimal.css
www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/css/skins/ 		4 KB
890 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/css/skins/minimal.css?ver=5.9.3
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6bb6d692f321ba6e9bd60ef0c36840ac7e864c42bcdfad37ec28975c077189d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:35 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:26 GMT
server
nginx
etag
W/"626714d2-f60"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
fontawesome-all.min.css
www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/fontawesome/fonts/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/fontawesome/fonts/css/fontawesome-all.min.css?ver=5.9.3
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:35 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:26 GMT
server
nginx
etag
W/"626714d2-8a1f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
main_54210077.css
www.rewardsgenius.com/wp-content/themes/rewardgenius/dist/styles/ 		342 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-content/themes/rewardgenius/dist/styles/main_54210077.css
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
20cf8319608a72c4477c60ce1a9684ca032015b4587ebec17569e663a73cdd0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:35 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:25 GMT
server
nginx
etag
W/"626714d1-557d3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
www.rewardsgenius.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:35 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:20 GMT
server
nginx
etag
W/"626714cc-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.rewardsgenius.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:35 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:20 GMT
server
nginx
etag
W/"626714cc-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ 		150 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1023041056
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23e1795acad277e88b971a878479dcc7e2a9b11c758864ce476dd21b5c3bcdb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57301
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 21:06:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Apr 2022 21:35:36 GMT
embed2.js
static.ada.support/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/embed2.js
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8227611ab7ab9de070fc0e07182e59c95dc093c60ba5ea3381b75b40e20625bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:03 GMT
content-encoding
gzip
vary
Accept-Encoding
age
39
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 11:01:58 GMT
server
AmazonS3
etag
W/"e63b67a3174cdafac292ac6b670ec77f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=300
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
llLKMoKoN4CaS1k8fq8-C5rNklcZfRZRqtlYnozGZ2OoTKs27zQr4w==
Rewards-Genius-Desktop-Menu-2.png
www.rewardsgenius.com/wp-content/uploads/2020/04/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rewardsgenius.com/wp-content/uploads/2020/04/Rewards-Genius-Desktop-Menu-2.png
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3feb0325129d6e1c403dbfc3a590221afd3e7120896579a7669c377d7e95ad12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
last-modified
Mon, 25 Apr 2022 21:38:23 GMT
server
nginx
etag
"626714cf-15f18"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
89880
Reward-Link-mobile-menu.png
www.rewardsgenius.com/wp-content/uploads/2020/04/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rewardsgenius.com/wp-content/uploads/2020/04/Reward-Link-mobile-menu.png
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3761164c6a8f227457b3f076fdff90b2c96303d05b3db60227b59693942da0a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
last-modified
Mon, 25 Apr 2022 21:38:23 GMT
server
nginx
etag
"626714cf-26f59"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
159577
img-menu-resources.png
www.rewardsgenius.com/wp-content/uploads/2020/01/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rewardsgenius.com/wp-content/uploads/2020/01/img-menu-resources.png
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0f1269a0baef0fbac4f7bba7347c40710f774ea0a5c4c4e9b2f1266bd793e5b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
last-modified
Mon, 25 Apr 2022 21:38:23 GMT
server
nginx
etag
"626714cf-15058"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
86104
4018057.js
js.hs-scripts.com/ 		2 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/4018057.js?integration=WordPress&ver=8.9.22
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70244466704cb250af3b5a54f59243420dec3373803a0439164b257cb4d486f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
bf8c326d-62d1-4467-b71e-a55c4a344002
last-modified
Wed, 27 Apr 2022 17:29:19 GMT
server
cloudflare
x-trace
2B39A858F086DA3D8A41DE9BA3BE38758501A43ECF000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.rewardsgenius.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
702ab05aebb1020d-ZRH
expires
Wed, 27 Apr 2022 21:36:36 GMT
ubermenu.min.js
www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/js/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.4.0.1
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac7741f8f1d89fbae52c0900d08ab27a20a487f6b65246be36ea22057ed236e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:26 GMT
server
nginx
etag
W/"626714d2-7e4f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
main_54210077.js
www.rewardsgenius.com/wp-content/themes/rewardgenius/dist/scripts/ 		317 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-content/themes/rewardgenius/dist/scripts/main_54210077.js
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a8e083600d71e2aabd3700053e6c897ce14c8dfd2886b0c1c1cb38b2ed394d1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:25 GMT
server
nginx
etag
W/"626714d1-4f4f8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
v2.js
js.hsforms.net/forms/ 		568 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js?ver=8.9.22
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3b8f390cb77125fd70f8ceb257315d1ad6b1734feb6ed4424dfef4549a1ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
via
1.1 a12c29ca3e64ac2015cf4f6c9099b8ce.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 12:03:19 UTC
server
cloudflare
etag
W/"d7d0efa4528342a5c3776dfcc8bd7433"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmO9%2BVLFXWoXhshbwA4Pb2XyEAwFWnMFd3ktv0sRqbDLQM8Dj9zhYdWzBa0P%2BdQ%2BCrQTOJLA6p1eKF9BQSCescWGWgt7PbOQiJZkot5gpjaMJFu%2FDHkerCBXpJ4kHe6Ct8DmTtoSs6GqqYrM"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Hx249PcutdypfAd3nW2SmuKwwQWh.0rn
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
cf-ray
702ab05b1ccf23af-ZRH
x-amz-cf-id
p2rk5tpukoEo41N-HRMMTufsp_diggi4WlSVuhjheQP2G6G7x49hIg==
x-hs-target-asset
FormsNext/static-5.483/bundles/project_with_deps.js
wp-emoji-release.min.js
www.rewardsgenius.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:20 GMT
server
nginx
etag
W/"626714cc-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		168 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KZMKDFG
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ac10927f516f4f86318877e1d33cdc1c40ca749980258ce4fb24e5b31db61ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63323
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 21:06:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Apr 2022 21:35:36 GMT
us-2c242dd8-2c66-4fd8-a926-094f66e4a79d.js
cdn.getambassador.com/ 		397 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getambassador.com/us-2c242dd8-2c66-4fd8-a926-094f66e4a79d.js
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
bbc179861767a9a2efc4704dd36f13a1ca550e3d333f0b093cdc663b6edcd3b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
via
1.1 vegur, 1.1 varnish
age
24372
x-powered-by
Express
x-cache
HIT
content-encoding
gzip
content-length
102339
x-served-by
cache-hhn4066-HHN
server
Cowboy
x-timer
S1651095336.136828,VS0,VE1
etag
W/"632ab-gbQ0TBiP4/rJNjP66t5xMBtEuUc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
access-control-allow-headers
accept, authorization, cache-control, content-type, mbsy-universal-id, mbsy-universal-location, origin, x-mbsy-client-id, x-mbsy-url
x-cache-hits
1
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 21:35:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=39820
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
logo_483a9788.svg
www.rewardsgenius.com/wp-content/themes/rewardgenius/dist/images/ 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rewardsgenius.com/wp-content/themes/rewardgenius/dist/images/logo_483a9788.svg
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/wp-content/themes/rewardgenius/dist/styles/main_54210077.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0481de406786bd31946b59bf6e2d42ab3c303cb5ca1616965abdda2d2060a02d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/wp-content/themes/rewardgenius/dist/styles/main_54210077.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
last-modified
Mon, 25 Apr 2022 21:38:25 GMT
server
nginx
etag
W/"626714d1-2e01"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
fa-solid-900.woff2
www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/fontawesome/fonts/webfonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/fontawesome/fonts/webfonts/fa-solid-900.woff2
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/fontawesome/fonts/css/fontawesome-all.min.css?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

Referer
https://www.rewardsgenius.com/wp-content/plugins/ubermenu/assets/fontawesome/fonts/css/fontawesome-all.min.css?ver=5.9.3
Origin
https://www.rewardsgenius.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
last-modified
Mon, 25 Apr 2022 21:38:26 GMT
server
nginx
etag
"626714d2-9cd4"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
40148
truncated
/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15b13ccda0d9a1da40307d86f5906e9ec4a5ccb5e466d70afa19e45467ef9961

Request headers

Referer
Origin
https://www.rewardsgenius.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
font/woff2
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1023041056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14892
x-xss-protection
0
server
cafe
etag
4605403730725282575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 27 Apr 2022 21:35:36 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=43293&time=1651095336226&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D43293%26time%3D1651095336226%26url%3Dhttps%253A%252F%252Fwww.rewardsgenius.com%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=43293&time=1651095336226&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=43293&time=1651095336226&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&liSync=true&e_ipv6=AQJZ_RW7UEzjxwAAAYBs83e8xYD...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=43293&time=1651095336226&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&liSync=true&e_ipv6=AQJZ_RW7UEzjxwAAAYBs83e8xYDlsxiKYkTXmCrzDGa1s5vVH_YNoIZkEoy-1viqWuVM957iUL2z970-pRqW6ew3G29sRg
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2DC53D10DD9246C58AAEF47C72FB0CD2 Ref B: VIEEDGE1806 Ref C: 2022-04-27T21:35:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdqZcPjTAHTPsnAN2VEA==
x-li-fabric
prod-lor1

Redirect headers

date
Wed, 27 Apr 2022 21:35:36 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 514D120B1A2842FDA3978C4B0EC55B6C Ref B: FRAEDGE1412 Ref C: 2022-04-27T21:35:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=43293&time=1651095336226&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&liSync=true&e_ipv6=AQJZ_RW7UEzjxwAAAYBs83e8xYDlsxiKYkTXmCrzDGa1s5vVH_YNoIZkEoy-1viqWuVM957iUL2z970-pRqW6ew3G29sRg
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdqZcLZKMFDDdP9FVqMg==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZMKDFG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4705
date
Wed, 27 Apr 2022 20:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 27 Apr 2022 22:17:11 GMT
4018057.js
js.hs-scripts.com/ 		2 KB
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/4018057.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZMKDFG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70244466704cb250af3b5a54f59243420dec3373803a0439164b257cb4d486f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
4c885cf1-3719-461e-b4c6-e175c3b045d9
last-modified
Wed, 27 Apr 2022 17:29:19 GMT
server
cloudflare
x-trace
2B508DB75D8F7AE311FF1906F8E4F88808B145D452000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.rewardsgenius.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
702ab05b9ca6020d-ZRH
expires
Wed, 27 Apr 2022 21:36:36 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZMKDFG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 05:18:55 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
58602
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
GtaNz_smh7DNl3dfJGdW0l98-cdF96jhaeT4O-aI3fW3TSuS4NNgJQ==
t.js
vidassets.terminus.services/fc577253-19b7-4ff9-86a3-135d2e8d8758/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidassets.terminus.services/fc577253-19b7-4ff9-86a3-135d2e8d8758/t.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZMKDFG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-22.fra56.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 20:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2416
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 16:19:07 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript;charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control
public, s-maxage=2700
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id
p8CWTjDgC3gAKK0tCXx2s6p_7aqTop0hHCHwT3gbPCX_eKJJ8DoK6A==
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1803648798&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&ul=en-us&de=UTF-8&dt=reward-link-terms-of-service%20-%20Rewards%20Genius&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=366241722&gjid=1339512674&cid=1298734719.1651095336&tid=UA-10261128-11&_gid=699105315.1651095336&_r=1&gtm=2wg4p0KZMKDFG&z=731476009
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rewardsgenius.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rewardsgenius.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
4018057.js
js.hs-analytics.net/analytics/1651095300000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1651095300000/4018057.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4018057.js?integration=WordPress&ver=8.9.22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b83816934eedd4a362c4d4e863dd1e6cb68e0c12d19c21a63c5211e1b648207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
VN6SYGMRDVD6GQNW
x-amz-server-side-encryption
AES256
cf-ray
702ab05c4bc201e7-ZRH
x-amz-id-2
FcEwpCBO3oYEVnO5f6Fab+mxWPzsKjdDuV+wq3vahEko8fCcBhN+tn+1h1P9n1JfA+QZRevLYQI=
last-modified
Thu, 14 Apr 2022 15:18:16 GMT
server
cloudflare
etag
W/"b50341b991de2b840558addd3ea9d3de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Wed, 27 Apr 2022 21:40:36 GMT
4018057.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/4018057.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4018057.js?integration=WordPress&ver=8.9.22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6871bd5593d0cad47f999bbce89594155a7bd2b22ff79c167e2d9e21680be68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
5V41WA1F9DFQMFVH
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
sUkXt1+1rajtGPKKqXXNq+ZSNXEMOwL/SwRTfvVg/6rB7BX3Lfde9t8HcPrFl+fBxVDCmDNb0Tc=
timing-allow-origin
*
last-modified
Thu, 17 Feb 2022 21:01:57 GMT
server
cloudflare
etag
W/"4293107ab8402ef0566554110c3ddf1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
YA2ay1MaDpMRcx0cTBdpps9YpQhJJ06n
access-control-allow-origin
https://www.rewardsgenius.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
702ab05c3e1f2397-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 27 Apr 2022 21:40:36 GMT
fb.js
js.hsadspixel.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4018057.js?integration=WordPress&ver=8.9.22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142e1cd28809b7bbe61123941a3a70a045a5c1fa864c97574b32abd94f4b4229

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
via
1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
190
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.278/bundles/pixels-release.js&cfRay=702aabb72929cc56-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 26 Apr 2022 04:18:52 UTC
server
cloudflare
etag
W/"e23a3c7ef0fc6b7c55f83c4911c95be6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
sUKtDc7b2iEDZ57z7v16VeKnAVF7O_.0
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
702ab05c5ddf01e3-ZRH
x-amz-cf-id
O39GAvo4Yqc6h0iBosYaRj6JbpOAUxBe33AKggvneDyO13aqpgxYNw==
x-hs-target-asset
adsscriptloaderstatic/static-1.278/bundles/pixels-release.js
leadflows.js
js.hsleadflows.net/ 		534 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4018057.js?integration=WordPress&ver=8.9.22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221

Request headers

Referer
https://www.rewardsgenius.com/
Origin
https://www.rewardsgenius.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
via
1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
61486
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js&cfRay=7024d33f4eb3021d-IAD
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
702ab05c4a58cc62-ZRH
last-modified
Tue, 01 Mar 2022 09:57:40 UTC
server
cloudflare
etag
W/"57a8210ba9519a68ae76dcc1857db0f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
qE7M39zrJ2dCa.o34UdW.NnTPVZDG9U3
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
NbeZBHM_KWYlznJWZEuMHmKa9N_mWN9KG5ga22F8PJKgTqkzCDhvcg==
x-hs-target-asset
lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023041056/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023041056/?random=1651095336296&cv=9&fst=1651095336296&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&tiba=reward-link-terms-of-service%20-%20Rewards%20Genius&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15d7eebbf9f7bc77bb67ea90c97dc599537111d2bef75d338f262712a0ad6f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1054
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10261128-11&cid=1298734719.1651095336&jid=366241722&gjid=1339512674&_gid=699105315.1651095336&_u=YEBAAEAAAAAAAC~&z=609065212
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rewardsgenius.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Apr 2022 21:35:36 GMT
content-type
text/plain
access-control-allow-origin
https://www.rewardsgenius.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1023041056/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1023041056/?random=1651095336296&cv=9&fst=1651093200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&tiba=reward-link-terms-of-service%20-%20Rewards%20Genius&async=1&fmt=3&is_vtc=1&random=2880719751&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023041056/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1023041056/?random=1651095336296&cv=9&fst=1651093200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&tiba=reward-link-terms-of-service%20-%20Rewards%20Genius&async=1&fmt=3&is_vtc=1&random=2880719751&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10261128-11&cid=1298734719.1651095336&jid=366241722&_u=YEBAAEAAAAAAAC~&z=1486834277
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10261128-11&cid=1298734719.1651095336&jid=366241722&_u=YEBAAEAAAAAAAC~&z=1486834277
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
forms.hsforms.com/embed/v3/form/4018057/2a28197e-882b-4345-b69e-32fbc997c762/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/4018057/2a28197e-882b-4345-b69e-32fbc997c762/json?hutk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.rewardsgenius.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
x-requested-with
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://www.rewardsgenius.com
access-control-expose-headers
X-Origin-Hublet
access-control-max-age
180
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
702ab05d48db01eb-ZRH
content-length
18
content-type
text/plain; charset=utf-8
date
Wed, 27 Apr 2022 21:35:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-hubspot-correlation-id
7916bf34-53f5-4aaa-9385-790df24d2e2c
x-robots-tag
none
x-trace
2B75A84B504863C6A3B7E164B7AC4F570892DA0E37000000000000000000
json
forms.hsforms.com/embed/v3/form/4018057/2a28197e-882b-4345-b69e-32fbc997c762/ 		27 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/4018057/2a28197e-882b-4345-b69e-32fbc997c762/json?hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?ver=8.9.22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef0ef5c61fb749e633fd795a09997f5f5e2f37259586a004110e502c0386a9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript
Referer
https://www.rewardsgenius.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-origin-hublet
na1
date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
71c10461-13fe-4372-8314-7d8a2aabe56f
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
none
server
cloudflare
x-trace
2B245A29C54347377C531C0C8F44F6664D673C84BF000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.rewardsgenius.com
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
702ab05e4ae601f4-ZRH
access-control-allow-headers
*
index.js
static.ada.support/embed/modern/client/63f5979/ 		175 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/embed/modern/client/63f5979/index.js
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f0223dca867d0f3a596676c038a18ab3415f9905cec49acca723905fdea881e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:02:52 GMT
content-encoding
gzip
vary
Accept-Encoding
age
37965
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 11:02:20 GMT
server
AmazonS3
etag
W/"385b8ce200a8d2c43db85034d76c709e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=172800
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
3OFOpP32cHW_2teUEEQesxF3ffVQNpjG51rJ54jif4awVHb2wZX44g==
fp.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3.3.2/dist/ 		113 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3.3.2/dist/fp.js
Requested by
Host: cdn.getambassador.com
URL: https://cdn.getambassador.com/us-2c242dd8-2c66-4fd8-a926-094f66e4a79d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a50da2ca657309c2cfc0d93f1b582a49b29c58d4a69e46d127671dd7e4d2dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3240697
x-jsd-version
3.3.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19168-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1c254-Gn05meL2ndmIE6H0nLXCm62Q/jk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRNSf16ErMV683Ja5RJFUy6aAkuSu0VF84%2BAVxXF0DuYbHpKNg0s1VM7n6mAILhAc07s3aCZc2nmF961yiBH9G94VoVY6EWVv9ttZWmE7MduMZJBGGJn1US8gwj3l9%2BzvT2At%2FvkQiILvtrUdfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
702ab05d88efcc5a-ZRH
s.gif
wec-assets-api.terminus.services/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=fc577253-19b7-4ff9-86a3-135d2e8d8758|560e077a-1de9-4c88-be1c-162aa8402201
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=fc577253-19b7-4ff9-86a3-135d2e8d8758|560e077a-1de9-4c88-be1c-162aa8402201
  • https://wec-assets.terminus.services/s.gif?d=fc577253-19b7-4ff9-86a3-135d2e8d8758|560e077a-1de9-4c88-be1c-162aa8402201&t=4706aba4-93d2-44e3-a140-c3c7c83cdd75
  • https://wec-assets-api.terminus.services/v1/s.gif
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wec-assets-api.terminus.services/v1/s.gif
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Server
3.208.219.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-241.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:37 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

date
Wed, 27 Apr 2022 21:26:11 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
awselb/2.0
age
565
x-cache
Hit from cloudfront
content-type
text/html
location
https://wec-assets-api.terminus.services:443/v1/s.gif
x-amz-cf-pop
FRA56-C1
content-length
134
x-amz-cf-id
pD0U9NKl9vexzTYo_ZVlx1f69R_518kXHwb15uKsMKm4r1Kdqmvxfg==
t.gif
wec-assets-api.terminus.services/v1/fc577253-19b7-4ff9-86a3-135d2e8d8758/
Redirect Chain
  • https://wec-assets.terminus.services/fc577253-19b7-4ff9-86a3-135d2e8d8758/t.gif?d=560e077a-1de9-4c88-be1c-162aa8402201&s=c8f71520-f391-4f4c-a4f6-fd6113d2d155&p=https%3A%2F%2Fwww.rewardsgenius.com%2...
  • https://wec-assets-api.terminus.services/v1/fc577253-19b7-4ff9-86a3-135d2e8d8758/t.gif
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wec-assets-api.terminus.services/v1/fc577253-19b7-4ff9-86a3-135d2e8d8758/t.gif
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Server
3.208.219.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-241.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:37 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

date
Wed, 27 Apr 2022 21:35:36 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://wec-assets-api.terminus.services:443/v1/fc577253-19b7-4ff9-86a3-135d2e8d8758/t.gif
content-length
134
x-amz-cf-id
ig_M0vrDk8-o0kwHNPDCN-98KP7PRg0JzTYnmilLvdBBmrfMLpa3RA==
getrewards
www.rewardsgenius.com/wp-json/fresh/ 		3 MB
478 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rewardsgenius.com/wp-json/fresh/getrewards
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.19.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.19.225.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
a2b0d7b0f33c829c66d51a87169117f4dd119b5fef6df7357c34d589819210d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.rewardsgenius.com/reward-link-terms-of-service/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
HIT: 1
x-cache-group
normal
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow
GET
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
x-robots-tag
noindex
link
<https://www.rewardsgenius.com/wp-json/>; rel="https://api.w.org/"
client.json
rollout.ada.support/tangocard/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rollout.ada.support/tangocard/client.json
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed/modern/client/63f5979/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c354f7d324fdd5c4b9f977ac063838328066c726d78deefe83ad4e914bfdf2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
vary
Origin
age
66
x-cache
Hit from cloudfront
content-length
13642
last-modified
Thu, 21 Apr 2022 21:12:52 GMT
server
AmazonS3
etag
"24235d8132038ae805b875f83e768b19"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
no-cache
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
F3Q2zNxJtPWes4warBiMBfHWlk-oowYAL0ZC8O6pS1IrbkeOUbjJnA==
index.html
tangocard.ada.support/embed/modern/x-storage/63f5979/ Frame A7E5 		557 B
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/embed/modern/x-storage/63f5979/index.html
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed/modern/client/63f5979/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c937654478f441a783092bd8ea1aa3d8d34ef21986f797fa843e508e16e06e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://www.rewardsgenius.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37979
cache-control
max-age=172800
content-length
557
content-type
text/html
date
Wed, 27 Apr 2022 11:02:38 GMT
etag
"625898a4f64ff159bd36ce6afdaefdc8"
last-modified
Wed, 27 Apr 2022 11:02:20 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-id
rxtXfEg3Khu4BsGkyg0sZwF9M4dD_6trRdfn7XNkQy4sAKD7H5HfHA==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
index.html
tangocard.ada.support/embed/modern/button/63f5979/ Frame 891D 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/embed/modern/button/63f5979/index.html
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed/modern/client/63f5979/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e37d0c6df52e74f587b021c8071138a29eb10f3ccc6983cded79c9e24805b641
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://www.rewardsgenius.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37979
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html
date
Wed, 27 Apr 2022 11:02:38 GMT
etag
W/"d895aa255e318247e1edc9f1bbd05d0d"
last-modified
Wed, 27 Apr 2022 11:02:19 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-id
SqcG_TNR9XG7fDVilr_C2y0_qZLMcdPuX7FScc_iDD_D7yDGe0HIpg==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
sentry.3f77da908fdb774a69fa.js
tangocard.ada.support/embed/modern/x-storage/63f5979/ Frame A7E5 		83 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/embed/modern/x-storage/63f5979/sentry.3f77da908fdb774a69fa.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/embed/modern/x-storage/63f5979/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07a7347b890a6156f1147bbc83ca05d6a4622eb0e11bee031835f090bece3f20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/embed/modern/x-storage/63f5979/index.html
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:04:01 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
37896
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 11:02:20 GMT
server
AmazonS3
etag
W/"c48eae32e3a305e5e83b6d0615fcf396"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
dhK0zRPGOu6UeI55Wc1b0qRiZEaiDuLU5t2OP6K0swE6ld7qkzmTdw==
index.js
tangocard.ada.support/embed/modern/x-storage/63f5979/ Frame A7E5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/embed/modern/x-storage/63f5979/index.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/embed/modern/x-storage/63f5979/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8eb051fa0e4e0eb274c06a2fd47847928e70c86577a126a424db380f68c2a288
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/embed/modern/x-storage/63f5979/index.html
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:04:01 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
37896
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 11:02:20 GMT
server
AmazonS3
etag
W/"eb023d79f3f107323050f52de00d36a0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Flws8jX5Qa5n3S-RCDyq6Exx4AFTfNAQiTk7i3Mh3XvTMIot30vG-Q==
sentry.3f77da908fdb774a69fa.js
tangocard.ada.support/embed/modern/button/63f5979/ Frame 891D 		83 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/embed/modern/button/63f5979/sentry.3f77da908fdb774a69fa.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/embed/modern/button/63f5979/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07a7347b890a6156f1147bbc83ca05d6a4622eb0e11bee031835f090bece3f20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/embed/modern/button/63f5979/index.html
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:04:01 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
37896
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 11:02:19 GMT
server
AmazonS3
etag
W/"c48eae32e3a305e5e83b6d0615fcf396"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
H0NwAh0S1vNNtpd79ffZb4zgLEHf1mdTtSDJUrUAclPxiw4QdesC-A==
preact.3f8da194e6f561841950.js
tangocard.ada.support/embed/modern/button/63f5979/ Frame 891D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/embed/modern/button/63f5979/preact.3f8da194e6f561841950.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/embed/modern/button/63f5979/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
090573b633f124a4ff29c3c35de92456ebfa569b77fb995e7450f074b1306811
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/embed/modern/button/63f5979/index.html
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:04:01 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
37896
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 11:02:19 GMT
server
AmazonS3
etag
W/"08b41797506598e0f28c7dd010502e90"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nlDoEVWqdS172LQd9_1fFd-_DOM25xkck_a_Ccyqlxl1udY0bXD_BA==
index.js
tangocard.ada.support/embed/modern/button/63f5979/ Frame 891D 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/embed/modern/button/63f5979/index.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/embed/modern/button/63f5979/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4aff4362d6030ac0366c4d64d238acf68c393ba1792a6f7204e20315db16e6c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/embed/modern/button/63f5979/index.html
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:04:01 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
37896
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 11:02:20 GMT
server
AmazonS3
etag
W/"33242ac675089ff3e57baf65e81c0668"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
23QpjhjAe4eafEuULXh6gDA1wRjB10kf1IlhiBj6Duouej55qcgcfA==
e14fc66e-2a81-4ffb-a985-dbb921b2c9a0.svg
static.ada.support/images/ Frame 891D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ada.support/images/e14fc66e-2a81-4ffb-a985-dbb921b2c9a0.svg
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15f4b556340ae2e0cf588d30f7cf50dab04d42e0b9383c3d148ffb0b727aadcc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; media-src https://static.ada.support
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tangocard.ada.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 05:21:49 GMT
content-encoding
gzip
age
58428
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 22 Jun 2021 23:27:14 GMT
server
AmazonS3
etag
W/"c4ce43cd1fe4245c15c2f96f692c2c68"
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET
content-type
image/svg+xml
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
content-security-policy
default-src 'none'; media-src https://static.ada.support
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
tnkhkvA6KQVS7kxPefZ9KM4P7vclxpzuL5ZzJNYh51azD6bbxZ4EQQ==
v2.js
js.hsforms.net/forms/ Frame 5CFF 		568 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js?ver=8.9.22
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?ver=8.9.22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3b8f390cb77125fd70f8ceb257315d1ad6b1734feb6ed4424dfef4549a1ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:36 GMT
via
1.1 a12c29ca3e64ac2015cf4f6c9099b8ce.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Apr 2022 12:03:19 UTC
server
cloudflare
etag
W/"d7d0efa4528342a5c3776dfcc8bd7433"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHZr%2BaVWu8uUp6uPzzbfnPhnYWcB75BGcQaXFiPh%2FqKqjPW6qyBQHqFjV%2F%2BT2LaY%2FsLpWTcwYuC3eQpFJTx2Vj4X1%2B4Jz1FNI6%2FAwCPC0jotvV3bXo8ft3GGSdS0jW1Yma%2BmW4EJ8xeiRHDz"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Hx249PcutdypfAd3nW2SmuKwwQWh.0rn
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
702ab05f7ed201db-ZRH
x-amz-cf-id
p2rk5tpukoEo41N-HRMMTufsp_diggi4WlSVuhjheQP2G6G7x49hIg==
x-hs-target-asset
FormsNext/static-5.483/bundles/project_with_deps.js
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
99.86.7.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-122.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5b80cb9d65c684eea24a178e010dee7257abf726f2186c02da019a68fedf7d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 27 Apr 2022 21:31:19 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 15:41:05 GMT
server
AmazonS3
age
259
etag
"20072765628a9afe386d54fe4c531da8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6090
x-amz-cf-id
-B5U19AemGibtb9pdlK-R0cADDMXc32XpVs3zBPy-s9olhniaFhJjw==

Redirect headers

date
Wed, 27 Apr 2022 20:12:51 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
server
AmazonS3
age
4967
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
Qucnht6wKvYN4Z9mcrBnxGyJLoLcTX9YrEB61cshO2yMFOl42pZMqw==
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		131 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=4018057
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517cc04337919b19284b97b3f794cc8d5a0d9a852e7d8dece2979f65386fc7dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:37 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
a934ac72-8a71-413c-bb4c-e487dc94c3df
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2BB0D906682A68AA89A6DFB4A5D8C7606ADFC0C465000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBtlXTaX6JXYMOQXSLtb1a5BePJayYHhTCQTLtKijXKvkGVu5J3hP4noqmcb88UXdToIb%2B8QZrIXZiGRjHFb6vxHYTYNzXrhMfATh4Wzgl8Zlld4Bxf0j08DDAcIY9ffbhZzUMtO4gcD8Sf6"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.rewardsgenius.com
access-control-allow-credentials
false
cf-ray
702ab0626d8523af-ZRH
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=4018057&ct=standard-page&rcu=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&pu=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&t=reward-link-terms-of-service+-+Rewards+Genius&cts=1651095337300&vi=00a82ca572bd0fba28c4d44e0124ebcd&nc=true&u=166120609.00a82ca572bd0fba28c4d44e0124ebcd.1651095337282.1651095337282.1651095337282.1&b=166120609.1.1651095337283&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:37 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
c7054498-92b4-47d7-8cfd-10ec326ce659
cf-ray
702ab0628de023c7-ZRH
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWruqoP92SrwoaKn9HsLuYzh9nDN6xgMz4olPte%2BEWynMSbn6QNkfCImlt6AA%2FE5a6s%2F2e%2FZFgkgn8SKW1pKam9OQ0qmDj08nWx8eAJ33WBXs27%2BXli9%2BAha34fr8ChPdtmRF%2Fy3dhUnXmsQVu%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=2a28197e-882b-4345-b69e-32fbc997c762&fci=796c8c50-ece9-44ac-8b67-1721e3ead86b&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=4018057&ct=standard-page&rcu=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&pu=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&t=reward-link-terms-of-service+-+Rewards+Genius&cts=1651095337314&vi=00a82ca572bd0fba28c4d44e0124ebcd&nc=true&u=166120609.00a82ca572bd0fba28c4d44e0124ebcd.1651095337282.1651095337282.1651095337282.1&b=166120609.1.1651095337283&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:37 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
160b1b3a-65e2-42eb-9db7-f17980e6a1a9
cf-ray
702ab0628de123c7-ZRH
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfIvmXfhdF3Xha%2B5SsJxkg6%2FrA%2F4yHWmM4RSOIW%2BjOO303L3MKv6dqWDaIIbOV7FBqVhjhqJDtgX6n%2F9ii%2Bdga%2FKDfhIwDrjzanftmVSFbh%2FOngnvo1SJlyjEbVCinG2NEd8RCKcodzk%2B0fmvUtQ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
up
insight.adsrvr.org/track/ Frame BA7E 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=mtoqfyn&ref=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&upid=ejgjzl9&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.rewardsgenius.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Wed, 27 Apr 2022 21:35:37 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
json
forms.hubspot.com/lead-flows-config/v1/config/ 		167 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4018057&utk=00a82ca572bd0fba28c4d44e0124ebcd&__hstc=166120609.00a82ca572bd0fba28c4d44e0124ebcd.1651095337282.1651095337282.1651095337282.1&__hssc=166120609.1.1651095337283&currentUrl=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9319fbfba8119683fdf000e66b448fd667635f5fb89273f6478047b26467b9f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:37 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9199248a-ef55-41a5-bd53-cdf9b926e7d5
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABunGz7HZe1y0FiUvg5qByHb1%2B56E4fKQP9eZWjA9X3V%2F%2B6%2BboQAQ8vZsYW80jTC06Ujw9%2BNOCmZeP56nTwAAsfrNkIGDdOQ7eKyfP6kf4TOyACyuSVUr40Yd9zXwsR0xnNBCOAq4SrFLJAaxNEC"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.rewardsgenius.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
702ab0629c2c0225-ZRH
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
frame-modern.541d90ea.js
js.intercomcdn.com/ Frame 062A 		308 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.541d90ea.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-122.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63462fd385f6ee70cc9e5fea8bacfaa18eda7df39124a81982a5b7d6bb86b791

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 27 Apr 2022 19:41:19 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 15:39:58 GMT
server
AmazonS3
age
6859
etag
"c1248d2e80a6cc18eccbc167d80b774c"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
83844
x-amz-cf-id
azPidSAS7lYCNQfds8d3O7kyTCQQKoZvBE8OCczemOwZZYSVl6nxlg==
vendor-modern.9d0447fa.js
js.intercomcdn.com/ Frame 062A 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.9d0447fa.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-122.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0faf58332e35852395151e9dd30b88e1412b56d1f22559714368b65dd455212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 27 Apr 2022 20:16:25 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 14:15:08 GMT
server
AmazonS3
age
4752
etag
"ecaceb482a23eab9805d9d6493cb198b"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
42626
x-amz-cf-id
C56kYIDIShOCUyrm-Ee62uCN9M7CZO-P2TPGzs_en167RRwTcY7tbg==
js
www.googletagmanager.com/gtag/ 		150 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1023041056
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f12ff7a72d1c5e7ba7fbe1ee7233f32231221c464cea485242f9b4f1d1716c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57301
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 21:06:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Apr 2022 21:35:37 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023041056/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023041056/?random=1651095337504&cv=9&fst=1651095337504&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&tiba=reward-link-terms-of-service%20-%20Rewards%20Genius&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebb7a431b61843f5d16c3a87ed8ecb427a8cf83b7c36b532a0a787f27139116e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 21:35:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
X-EdgeConnect-Cache-Status
1
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=39819
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
/
www.google.com/pagead/1p-user-list/1023041056/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1023041056/?random=1651095337504&cv=9&fst=1651093200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&tiba=reward-link-terms-of-service%20-%20Rewards%20Genius&async=1&fmt=3&is_vtc=1&random=3432313664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023041056/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1023041056/?random=1651095337504&cv=9&fst=1651093200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.rewardsgenius.com%2Freward-link-terms-of-service%2F&tiba=reward-link-terms-of-service%20-%20Rewards%20Genius&async=1&fmt=3&is_vtc=1&random=3432313664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rewardsgenius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 21:35:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tangocard.ada.support/chat/ Frame 0460 		19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/chat/?embedVersion=63f5979&skipGreeting=true&introShown=false&embed2=1&align=right
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed/modern/client/63f5979/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
5040b9c60ff6249c523cd66092aa0371fa12ea5e955a28a21317086e8c9c83b7
Security Headers
Name Value
Content-Security-Policy child-src *;connect-src 'self' https://*.smooch.io/ https://vimeo.com/ https://*.ada.support/ https://*.logs.datadoghq.com/ https://*.browser-intake-datadoghq.com https://sentry.io/ wss://*.pusher.com/ https://*.pusher.com wss://widget-mediator.zopim.com https://*.zopim.com;frame-ancestors 'self' https://*.tangocard.com https://*.rewardsgenius.com https://*.rewardlink.io https://*.rewardlink.com https://www.tangocard.com https://www.rewardsgenius.com https://www.rewardlink.io https://www.rewardlink.com https://www.rl.tangocard.com https://tangocard.com https://rewardsgenius.com https://rewardlink.io https://rewardlink.com https://rl.tangocard.com https://360uat-tangocard-community.cs165.force.com/ https://tangocard-community.force.com/ https://*.devrewards.wpengine.com https://tangocard.ada.support file://* filesystem:;frame-src *;img-src * data:;manifest-src 'self' https://*.ada.support/;media-src *;report-uri https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580;script-src 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/;script-src-elem 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/;worker-src blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rewardsgenius.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
19110
content-security-policy
child-src *;connect-src 'self' https://*.smooch.io/ https://vimeo.com/ https://*.ada.support/ https://*.logs.datadoghq.com/ https://*.browser-intake-datadoghq.com https://sentry.io/ wss://*.pusher.com/ https://*.pusher.com wss://widget-mediator.zopim.com https://*.zopim.com;frame-ancestors 'self' https://*.tangocard.com https://*.rewardsgenius.com https://*.rewardlink.io https://*.rewardlink.com https://www.tangocard.com https://www.rewardsgenius.com https://www.rewardlink.io https://www.rewardlink.com https://www.rl.tangocard.com https://tangocard.com https://rewardsgenius.com https://rewardlink.io https://rewardlink.com https://rl.tangocard.com https://360uat-tangocard-community.cs165.force.com/ https://tangocard-community.force.com/ https://*.devrewards.wpengine.com https://tangocard.ada.support file://* filesystem:;frame-src *;img-src * data:;manifest-src 'self' https://*.ada.support/;media-src *;report-uri https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580;script-src 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/;script-src-elem 'self' 'unsafe-inline' https://*.smooch.io/ https://*.ada.support/ https://*.pusher.com https://fullstory.com https://edge.fullstory.com https://widget-mediator.zopim.com/;worker-src blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Apr 2022 21:35:40 GMT
etag
W/"4aa6-ODrjMxrJ0YaonDTkgpQ9iHeHAb4"
referrer-policy
origin
server
CloudFront
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-id
zutoJkximaoHgsZReURXd3Hu4NZSrgdaIfjdZxWPIlyDYnA0dAzvnQ==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
/
o38990.ingest.sentry.io/api/131249/security/ Frame 0460 		0
248 B 		Other
General
Check archive.org
Download Go to
Full URL
https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580
Requested by
Host: www.rewardsgenius.com
URL: https://www.rewardsgenius.com/reward-link-terms-of-service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tangocard.ada.support/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 27 Apr 2022 21:35:40 GMT
via
1.1 google
server
nginx
vary
Origin
access-control-allow-origin
https://tangocard.ada.support
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
config.js
tangocard.ada.support/chat/ Frame 0460 		366 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/chat/config.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/chat/?embedVersion=63f5979&skipGreeting=true&introShown=false&embed2=1&align=right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
448be28dc5f4b67284d7d6b9a3bd46b26813a558489eb1d3b93cb4f521981978
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tangocard.ada.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:40 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
366
referrer-policy
origin
last-modified
Wed, 27 Apr 2022 12:37:27 GMT
server
CloudFront
etag
W/"16e-1806b06c37d"
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amz-cf-id
qUJJXSZ_zJZsHiTi3g1ZZW1rfulKXgJZ5pB2ZGq-DAG5y2Hx1DdvAg==
chat.9272e2ad094ee82629e8.min.js
static.ada.support/ Frame 0460 		10 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat.9272e2ad094ee82629e8.min.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/chat/?embedVersion=63f5979&skipGreeting=true&introShown=false&embed2=1&align=right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dc2770dc0ae140c1a5933900e80ca24a0adea8b00c236c2bdab50bd07706fec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 01:53:07 GMT
content-encoding
gzip
vary
Accept-Encoding
age
70959
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Thu, 21 Apr 2022 23:52:16 GMT
server
AmazonS3
etag
W/"58ac5fa002ecc6181aedf23420d67b3e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
3JPANhEjnx8dk8VbaGoGRgJYtlAlL0AM92q-gAckbNEZB4Y3j1J7cA==
chat.b1d3d6f6113e43427083.min.js
static.ada.support/ Frame 0460 		1 MB
343 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat.b1d3d6f6113e43427083.min.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/chat/?embedVersion=63f5979&skipGreeting=true&introShown=false&embed2=1&align=right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b9fb0b61da24de0a43d6afe0e974a338e2ef8fcd00b8f05b84d9904d8accf27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 12:37:45 GMT
content-encoding
gzip
vary
Accept-Encoding
age
32275
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 12:32:15 GMT
server
AmazonS3
etag
W/"a7d08394482d2bfade8552b88ff4fd7a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
SInxqV561ElRWyUX76iuvjv6Qkoc2bvvdEKO8U4KhsQtyG943vXiBw==
chat.e2cac5af5cb76d29c7fa.min.js
static.ada.support/ Frame 0460 		812 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat.e2cac5af5cb76d29c7fa.min.js
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/chat/?embedVersion=63f5979&skipGreeting=true&introShown=false&embed2=1&align=right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edeaf98137e379e07772d9919fc05a3a8fae5623e66406cbed08c347a4376fc6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 23:29:43 GMT
content-encoding
gzip
vary
Accept-Encoding
age
79558
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Tue, 26 Apr 2022 21:51:10 GMT
server
AmazonS3
etag
W/"6cf43336445c15e36bed5ae43a01f142"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
hAlJvzMC47ZocGc43woLLs31L6bC18Q55lvSy9KoyP8ryYvBKVlwLw==
chat.094abce3ca814f8f5a2c.min.css
static.ada.support/ Frame 0460 		59 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat.094abce3ca814f8f5a2c.min.css
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/chat/?embedVersion=63f5979&skipGreeting=true&introShown=false&embed2=1&align=right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9470562ffe7bf1a6411b4da1d7de2c062b0515bbcbc190adca29b40db7771b0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 00:26:49 GMT
content-encoding
gzip
vary
Accept-Encoding
age
76304
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Tue, 29 Mar 2022 22:05:37 GMT
server
AmazonS3
etag
W/"3c1cbc4818051007d12d392c218e7d01"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
QVK7yoAcQx8Xdnvwntkp9y5Xfs8OGJdPl-buWi3_MWYKhA8XmT3_Rw==
/
o38990.ingest.sentry.io/api/131249/security/ Frame 802E 		0
0
/
o38990.ingest.sentry.io/api/131249/security/ Frame 75BB 		0
0
/
sentry.io/api/131249/envelope/ Frame 0460 		2 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/131249/envelope/?sentry_key=32e4861491de4e0cb13244c120832580&sentry_version=7
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat.b1d3d6f6113e43427083.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tangocard.ada.support/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 27 Apr 2022 21:35:41 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://tangocard.ada.support
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
e1053afba4cc194f7ff7.mp3
static.ada.support/ Frame 0460 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/e1053afba4cc194f7ff7.mp3
Requested by
Host: tangocard.ada.support
URL: https://tangocard.ada.support/chat/?embedVersion=63f5979&skipGreeting=true&introShown=false&embed2=1&align=right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc2a9a716f9b9530dcafd47ed0db506319860f3c36b2778ce392833ec34c6ab2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 27 Apr 2022 18:04:48 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
age
12686
x-cache
Hit from cloudfront
Content-Range
bytes 0-7137/7138
access-control-max-age
3000
Content-Length
7138
last-modified
Fri, 01 Apr 2022 16:30:09 GMT
server
AmazonS3
etag
"aee0ce91be0607cd8b104ca4158134af"
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET
content-type
audio/mpeg
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
o9UwKiV57Lf8NlVV6L-oco2CRaSMD84rlaUAgJCnS3jHo0VzA_h8Qg==
/
tangocard.ada.support/api/languages/ Frame 0460 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/api/languages/
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat.b1d3d6f6113e43427083.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
d857ba89d66e8c7567ac536f986f64d9dc26a30d07989c7ffee8f09b2e937b1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Pragma
no-cache
Accept
application/json, text/plain, */*
Referer
https://tangocard.ada.support/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:35:41 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C1
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
content-length
4922
x-amz-cf-id
xoqDFwSaqglG_YtO89Si1izSjtTA6G-yA021mtGcrdtHIJCweX08-A==
/
tangocard.ada.support/api/chatters/ Frame 0460 		300 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tangocard.ada.support/api/chatters/
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat.b1d3d6f6113e43427083.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-12.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
fa0b8ba469e07e7ecbf3d10ae175326f4cb1e19341c3abf65c5dbb6678117a85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Pragma
no-cache
Accept
application/json, text/plain, */*
Referer
https://tangocard.ada.support/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 27 Apr 2022 21:35:41 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C1
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
content-length
300
x-amz-cf-id
AWONy0dlqeJTCkcLoJSMyxanFHavuTL8OFBczU_JBbo0fFAlec6KXA==
chat.987.f87402901c51000147c0.chunk.js
static.ada.support/ Frame 0460 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ada.support/chat.987.f87402901c51000147c0.chunk.js
Requested by
Host: static.ada.support
URL: https://static.ada.support/chat.9272e2ad094ee82629e8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c44d64e04e1b57a4d54174a737b056346676e7a2ab72cbcb96dc4755f4f3344c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://tangocard.ada.support/
Origin
https://tangocard.ada.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 15:03:21 GMT
content-encoding
gzip
vary
Accept-Encoding
age
25272
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
*
last-modified
Fri, 01 Apr 2022 21:34:10 GMT
server
AmazonS3
etag
W/"b4de7f54d504126ca8b2fdd09c44852b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
X3EMAkUH6giKgxvyrZp6Ke5Sn624v24uru6SR10WomB8qeT17qEpVw==
1
stats.pusher.com/timeline/v2/jsonp/ Frame 0460 		0
0
/
tangocard.ada.support/api/conversations/recent/chat/1b0a8051-cb88-4b9c-bd83-9c08442f75b2/ Frame 0460 		0
0
3d38af3f-5e0b-4080-b043-8a3d7e0e47ad.svg
static.ada.support/images/ Frame 0460 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ada.support/images/3d38af3f-5e0b-4080-b043-8a3d7e0e47ad.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-51.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bb243dccb9b7cc83c4b1176a8ee33c67d8e6ff32a24b8f720152a23af45556e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; media-src https://static.ada.support
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tangocard.ada.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 04:56:15 GMT
content-encoding
gzip
age
59967
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 22 Jun 2021 21:20:21 GMT
server
AmazonS3
etag
W/"0817999d734e58397ff6fa70a4b49206"
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET
content-type
image/svg+xml
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
content-security-policy
default-src 'none'; media-src https://static.ada.support
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
NEZdEXqBGTbhmsyjN_kue-X_CCalWhrrcEb9phVNgkqMeohZ848BrA==
/
tangocard.ada.support/api/campaigns/trigger/Tango_Card_Home_Page/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
o38990.ingest.sentry.io
URL
https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580
Domain
o38990.ingest.sentry.io
URL
https://o38990.ingest.sentry.io/api/131249/security/?sentry_key=32e4861491de4e0cb13244c120832580
Domain
stats.pusher.com
URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=ODIwMjI2MDQw&bundle=MQ%3D%3D&key=ZTliMDhhZWEwYzY4NzIzM2ViOTA%3D&lib=anM%3D&version=NS4wLjM%3D&cluster=bXQx&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2NTEwOTUzNDEyMTd9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjUxMDk1MzQxMjE3fSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjUxMDk1MzQxMjE3fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTY1MTA5NTM0MTIxN30seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTY1MTA5NTM0MTIxOH0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTY1MTA5NTM0MTUzMn0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIzNTU0NjAuNDg3MDgzOSJ9LCJ0aW1lc3RhbXAiOjE2NTEwOTUzNDE1MzN9XQ%3D%3D
Domain
tangocard.ada.support
URL
https://tangocard.ada.support/api/conversations/recent/chat/1b0a8051-cb88-4b9c-bd83-9c08442f75b2/
Domain
tangocard.ada.support
URL
https://tangocard.ada.support/api/campaigns/trigger/Tango_Card_Home_Page/

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| gapi object| ___jsl object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| _hsq object| hbspt object| SENTRY_RELEASE object| regeneratorRuntime boolean| __AdaEmbedLoaded object| adaEmbed object| mbsy string| _linkedin_partner_id object| _linkedin_data_partner_ids object| intercomSettings function| Intercom object| leadin_wordpress object| ubermenu_data function| uber_supports function| uber_op function| uberMenu_openMega function| uberMenu_openFlyout function| uberMenu_close function| uberMenu_redrawSubmenus object| Fresh object| google_tag_manager boolean| mbsyScriptExecuted function| Pusher function| scrollPosition object| Base64 object| _mbsy function| mbsyCb object| mbsyEditor object| google_tag_data function| lintrk boolean| _already_called_lintrk string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id object| gaplugins object| gaGlobal object| gaData object| _hsp function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| __hsRoot object| hspreserve undefined| React undefined| reqwestPatched function| OutpostErrorReporter function| hmerge object| HSFR undefined| ReactDOM undefined| require undefined| requirejs undefined| module undefined| bootstrap boolean| PIXELS_RAN function| defineProperties object| leadflows boolean| popupPoliceActive function| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| twemoji object| wp function| ttd_dom_ready function| TTDUniversalPixelApi function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded object| __SENTRY__ function| __AdaEmbedConstructor object| FingerprintJS boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| __intercomAssignLocation boolean| LEAD_FLOW_DOCUMENT_READY_RAN

22 Cookies

Domain/Path Name / Value
.rewardsgenius.com/ Name: _gcl_au
Value: 1.1.435258933.1651095336
.rewardsgenius.com/ Name: _ga
Value: GA1.2.1298734719.1651095336
.rewardsgenius.com/ Name: _gid
Value: GA1.2.699105315.1651095336
.rewardsgenius.com/ Name: _gat_UA-10261128-11
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQIGqo89h-QL9gAAAYBs83WUCQqJq8NTv6ZtLtJ-dtGxM-pjKBpnFeh3srBrvZeOxWdprHXwJdX3tg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLDoP4stW6BXAAAAYBs83WUr3T6AdFav0fdGo8Ve0XLXLWI-ZPKfyELepk1YmmjG6h7yX75VskJCfCO7-3frg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&8c9ae62e-e4d2-4d1a-8a3c-4ed79aa7a5b7"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2613:u=1:x=1:i=1651095336:t=1651181736:v=2:sig=AQEz-rhFR2lNfidZdW7ah_NYGXSUTpMU"
www.rewardsgenius.com/ Name: d-a8e6
Value: 560e077a-1de9-4c88-be1c-162aa8402201
www.rewardsgenius.com/ Name: s-9da4
Value: c8f71520-f391-4f4c-a4f6-fd6113d2d155
.adsrvr.org/ Name: TDID
Value: 4706aba4-93d2-44e3-a140-c3c7c83cdd75
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjG6taVk6jUOhAFOAE.
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202204272135366987d833-67b5-4e59-8daf-a4631979f5b8AQEgaFVhr38Lo7zAfikkuGiEhgUrdIMX"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTEwOTUzMzY7MjswMjGe5bYi8YuQo5hNWqPLgnSZcxS7SUxxC1H9luvSSbrppA==
.rewardsgenius.com/ Name: __hstc
Value: 166120609.00a82ca572bd0fba28c4d44e0124ebcd.1651095337282.1651095337282.1651095337282.1
.rewardsgenius.com/ Name: hubspotutk
Value: 00a82ca572bd0fba28c4d44e0124ebcd
.rewardsgenius.com/ Name: __hssrc
Value: 1
.rewardsgenius.com/ Name: __hssc
Value: 166120609.1.1651095337283
.hubspot.com/ Name: __cf_bm
Value: WTVo8rlVpXWkwUpMpGcQmdougVMOFjHfxflXHlotDeU-1651095337-0-AWA/KnV5tIF0TOdia7jhHFwrwJFTb1zkri5/PpWpOxDrOvbCsTA/o7lltjNXP4/WmiRAMcrXQjuLV8N23Qe42p4=
.doubleclick.net/ Name: IDE
Value: AHWqTUmaU9NhQL3auK9lvwYpbT4Wtpc0-YEwbx1UlzTlgnG2k4Kn6viu6OBPJCzK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
apis.google.com
cdn.getambassador.com
cdn.jsdelivr.net
cloud.typography.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
js.intercomcdn.com
match.adsrvr.org
o38990.ingest.sentry.io
px.ads.linkedin.com
px4.ads.linkedin.com
rollout.ada.support
sentry.io
snap.licdn.com
static.ada.support
stats.g.doubleclick.net
stats.pusher.com
tangocard.ada.support
track.hubspot.com
vidassets.terminus.services
wec-assets-api.terminus.services
wec-assets.terminus.services
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.rewardsgenius.com
o38990.ingest.sentry.io
stats.pusher.com
tangocard.ada.support
104.111.232.231
13.107.43.14
142.250.186.66
143.204.202.112
143.204.202.51
151.101.130.133
2606:4700:4400::6812:21ab
2606:4700::6810:5805
2606:4700::6810:5914
2606:4700::6811:43b0
2606:4700::6811:70b0
2606:4700::6811:b749
2606:4700::6811:cccc
2606:4700::6811:d3cc
2606:4700::6811:eacc
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:22::14
2a00:1450:4001:801::2004
2a00:1450:4001:809::2003
2a00:1450:4001:811::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a02:26f0:3500:7::17d8:4dca
3.208.219.241
34.120.195.249
35.188.42.15
35.225.19.108
35.71.131.137
65.9.65.116
65.9.68.12
65.9.68.22
65.9.68.46
99.86.7.121
99.86.7.122
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0481de406786bd31946b59bf6e2d42ab3c303cb5ca1616965abdda2d2060a02d
07a7347b890a6156f1147bbc83ca05d6a4622eb0e11bee031835f090bece3f20
090573b633f124a4ff29c3c35de92456ebfa569b77fb995e7450f074b1306811
0f1269a0baef0fbac4f7bba7347c40710f774ea0a5c4c4e9b2f1266bd793e5b8
0f3b8f390cb77125fd70f8ceb257315d1ad6b1734feb6ed4424dfef4549a1ec2
142e1cd28809b7bbe61123941a3a70a045a5c1fa864c97574b32abd94f4b4229
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15b13ccda0d9a1da40307d86f5906e9ec4a5ccb5e466d70afa19e45467ef9961
15d7eebbf9f7bc77bb67ea90c97dc599537111d2bef75d338f262712a0ad6f02
15f4b556340ae2e0cf588d30f7cf50dab04d42e0b9383c3d148ffb0b727aadcc
1bb243dccb9b7cc83c4b1176a8ee33c67d8e6ff32a24b8f720152a23af45556e
20cf8319608a72c4477c60ce1a9684ca032015b4587ebec17569e663a73cdd0b
23e1795acad277e88b971a878479dcc7e2a9b11c758864ce476dd21b5c3bcdb6
2c937654478f441a783092bd8ea1aa3d8d34ef21986f797fa843e508e16e06e1
2dc2770dc0ae140c1a5933900e80ca24a0adea8b00c236c2bdab50bd07706fec
3761164c6a8f227457b3f076fdff90b2c96303d05b3db60227b59693942da0a0
3c354f7d324fdd5c4b9f977ac063838328066c726d78deefe83ad4e914bfdf2e
3feb0325129d6e1c403dbfc3a590221afd3e7120896579a7669c377d7e95ad12
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448be28dc5f4b67284d7d6b9a3bd46b26813a558489eb1d3b93cb4f521981978
4ac10927f516f4f86318877e1d33cdc1c40ca749980258ce4fb24e5b31db61ab
4aff4362d6030ac0366c4d64d238acf68c393ba1792a6f7204e20315db16e6c3
4ef0ef5c61fb749e633fd795a09997f5f5e2f37259586a004110e502c0386a9e
5040b9c60ff6249c523cd66092aa0371fa12ea5e955a28a21317086e8c9c83b7
517cc04337919b19284b97b3f794cc8d5a0d9a852e7d8dece2979f65386fc7dc
63462fd385f6ee70cc9e5fea8bacfaa18eda7df39124a81982a5b7d6bb86b791
64787a487aefe267b6511333118bc25d19b0387ccc121014949d254391d56395
647de75d030891095910a5755715f4d50c4fd15c7d4d82bee3e5a811fde5eb2d
6871bd5593d0cad47f999bbce89594155a7bd2b22ff79c167e2d9e21680be68d
6b9fb0b61da24de0a43d6afe0e974a338e2ef8fcd00b8f05b84d9904d8accf27
6bb6d692f321ba6e9bd60ef0c36840ac7e864c42bcdfad37ec28975c077189d4
6f0223dca867d0f3a596676c038a18ab3415f9905cec49acca723905fdea881e
70244466704cb250af3b5a54f59243420dec3373803a0439164b257cb4d486f8
8227611ab7ab9de070fc0e07182e59c95dc093c60ba5ea3381b75b40e20625bf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8eb051fa0e4e0eb274c06a2fd47847928e70c86577a126a424db380f68c2a288
9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216
9319fbfba8119683fdf000e66b448fd667635f5fb89273f6478047b26467b9f4
9470562ffe7bf1a6411b4da1d7de2c062b0515bbcbc190adca29b40db7771b0f
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221
9b83816934eedd4a362c4d4e863dd1e6cb68e0c12d19c21a63c5211e1b648207
a0faf58332e35852395151e9dd30b88e1412b56d1f22559714368b65dd455212
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b0d7b0f33c829c66d51a87169117f4dd119b5fef6df7357c34d589819210d7
a8e083600d71e2aabd3700053e6c897ce14c8dfd2886b0c1c1cb38b2ed394d1e
ac7741f8f1d89fbae52c0900d08ab27a20a487f6b65246be36ea22057ed236e8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bbc179861767a9a2efc4704dd36f13a1ca550e3d333f0b093cdc663b6edcd3b7
bc2a9a716f9b9530dcafd47ed0db506319860f3c36b2778ce392833ec34c6ab2
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c44d64e04e1b57a4d54174a737b056346676e7a2ab72cbcb96dc4755f4f3344c
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d5b80cb9d65c684eea24a178e010dee7257abf726f2186c02da019a68fedf7d9
d857ba89d66e8c7567ac536f986f64d9dc26a30d07989c7ffee8f09b2e937b1e
da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1a50da2ca657309c2cfc0d93f1b582a49b29c58d4a69e46d127671dd7e4d2dd
e37d0c6df52e74f587b021c8071138a29eb10f3ccc6983cded79c9e24805b641
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb7a431b61843f5d16c3a87ed8ecb427a8cf83b7c36b532a0a787f27139116e
edeaf98137e379e07772d9919fc05a3a8fae5623e66406cbed08c347a4376fc6
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12ff7a72d1c5e7ba7fbe1ee7233f32231221c464cea485242f9b4f1d1716c59
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12
fa0b8ba469e07e7ecbf3d10ae175326f4cb1e19341c3abf65c5dbb6678117a85