www.biltrewards.com Open in urlscan Pro
76.76.21.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://biltrewards.com/
Effective URL:
https://www.biltrewards.com/
Submission Tags: tranco_l324
Submission: On March 26 via api (March 26th 2024, 3:46:45 am UTC) from DE — Scanned from DE

Summary HTTP 256 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 27 domains to perform 256 HTTP transactions. The main IP is 76.76.21.61, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.biltrewards.com. The Cisco Umbrella rank of the primary domain is 230557.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.

This is the only time www.biltrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.117.79.164 34.117.79.164	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
35	76.76.21.61 76.76.21.61	16509 (AMAZON-02) (AMAZON-02)
1	172.67.136.129 172.67.136.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.187.92 13.33.187.92	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
4	172.66.43.60 172.66.43.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 8	2606:4700:20:... 2606:4700:20::ac43:484f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	44.231.85.219 44.231.85.219	16509 (AMAZON-02) (AMAZON-02)
13	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 _) (CDN77 _)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
1	52.223.52.2 52.223.52.2	16509 (AMAZON-02) (AMAZON-02)
2	34.160.241.76 34.160.241.76	15169 (GOOGLE) (GOOGLE)
3	35.241.5.91 35.241.5.91	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.110.183.245 34.110.183.245	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.251.175.250 34.251.175.250	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
5	173.222.108.40 173.222.108.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	3.65.91.158 3.65.91.158	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:275... 2600:9000:275d:aa00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
26	2600:9000:249... 2600:9000:2490:8200:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2600:1f14:5db... 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
27	3.160.150.114 3.160.150.114	16509 (AMAZON-02) (AMAZON-02)
78	108.138.7.11 108.138.7.11	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:6f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
2 2	2600:1f18:730... 2600:1f18:730:b120:fe0b:9d50:54cc:3f2e	14618 (AMAZON-AES) (AMAZON-AES)
2	34.197.103.220 34.197.103.220	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
256	36

1 34.117.79.164 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 164.79.117.34.bc.googleusercontent.com

biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 76.76.21.61 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.136.129 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.deviceinf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-92.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.66.43.60 (United States)

ASN13335 (CLOUDFLARENET, US)

transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o441793.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:484f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu.mgln.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.231.85.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-85-219.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

decagon.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.52.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com

www2.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.241.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.241.160.34.bc.googleusercontent.com

flags.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.5.91 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.5.241.35.bc.googleusercontent.com

static.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.110.183.245 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.183.110.34.bc.googleusercontent.com

id.biltrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.175.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-175-250.eu-west-1.compute.amazonaws.com

vitals.vercel-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.222.108.40 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-222-108-40.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.65.91.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-91-158.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:aa00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:2490:8200:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 3.160.150.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-114.fra60.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 108.138.7.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-11.fra56.r.cloudfront.net

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6f8 (United States)

ASN13335 (CLOUDFLARENET, US)

sync-transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:730:b120:fe0b:9d50:54cc:3f2e (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.103.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-103-220.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 65755	5 MB
43	biltrewards.com 1 redirects biltrewards.com — Cisco Umbrella Rank: 177726 www.biltrewards.com — Cisco Umbrella Rank: 230557 www2.biltrewards.com flags.biltrewards.com — Cisco Umbrella Rank: 300275 static.biltrewards.com — Cisco Umbrella Rank: 466147 id.biltrewards.com — Cisco Umbrella Rank: 352522	1 MB
27	framer.com events.framer.com — Cisco Umbrella Rank: 78510	16 KB
18	userway.org cdn.userway.org — Cisco Umbrella Rank: 6534 api.userway.org — Cisco Umbrella Rank: 6333	379 KB
9	segment.com cdn.segment.com — Cisco Umbrella Rank: 2935	68 KB
8	mgln.ai 1 redirects cdn.mgln.ai — Cisco Umbrella Rank: 69995 mgln.ai — Cisco Umbrella Rank: 34208 eu.mgln.ai — Cisco Umbrella Rank: 123248	4 KB
5	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 4652 rp4.liadm.com — Cisco Umbrella Rank: 4226 Failed rp.liadm.com — Cisco Umbrella Rank: 1654	38 KB
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4356	9 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 833	153 KB
4	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 4062 rs.fullstory.com — Cisco Umbrella Rank: 3858	166 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	367 KB
4	transcend-cdn.com transcend-cdn.com — Cisco Umbrella Rank: 28704	132 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 246	71 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 773	1 KB
2	vercel-insights.com vitals.vercel-insights.com — Cisco Umbrella Rank: 17277	331 B
2	decagon.ai decagon.ai — Cisco Umbrella Rank: 181156	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	927 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	18 KB
1	sync-transcend-cdn.com sync-transcend-cdn.com — Cisco Umbrella Rank: 42397
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1836 conversions-config.reddit.com Failed	637 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1803	257 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1577	9 KB
1	gstatic.com www.gstatic.com	201 KB
1	tvspix.com tvspix.com — Cisco Umbrella Rank: 22073	194 B
1	sentry.io o441793.ingest.sentry.io — Cisco Umbrella Rank: 365202	299 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 27580	41 KB
1	deviceinf.com cdn.deviceinf.com — Cisco Umbrella Rank: 409019	99 KB
256	27

	Domain	Requested by
104	framerusercontent.com	www2.biltrewards.com framerusercontent.com www.biltrewards.com
35	www.biltrewards.com	www.biltrewards.com
27	events.framer.com	www2.biltrewards.com
13	cdn.userway.org	www.biltrewards.com cdn.userway.org www2.biltrewards.com
9	cdn.segment.com	www.biltrewards.com cdn.segment.com
6	mgln.ai	1 redirects www.biltrewards.com
5	api.userway.org	www.biltrewards.com cdn.userway.org
5	tags.srv.stackadapt.com	www.biltrewards.com tags.srv.stackadapt.com
5	analytics.tiktok.com	www.biltrewards.com analytics.tiktok.com
4	www.googletagmanager.com	www.biltrewards.com www.googletagmanager.com cdn.segment.com
4	transcend-cdn.com	www.biltrewards.com transcend-cdn.com
3	edge.fullstory.com	www2.biltrewards.com cdn.segment.com www.biltrewards.com
3	static.biltrewards.com	www.biltrewards.com
2	rp.liadm.com	2 redirects
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	rp4.liadm.com	www.biltrewards.com
2	pixel.tapad.com	2 redirects
2	vitals.vercel-insights.com	www.biltrewards.com
2	flags.biltrewards.com	www.biltrewards.com
2	decagon.ai	www.biltrewards.com decagon.ai
2	www.google.com	www.biltrewards.com www.gstatic.com
1	rs.fullstory.com	www.biltrewards.com
1	www.googleadservices.com	cdn.segment.com
1	sync-transcend-cdn.com	transcend-cdn.com
1	eu.mgln.ai	www.biltrewards.com
1	alb.reddit.com	www.biltrewards.com
1	region1.google-analytics.com	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com www.biltrewards.com
1	id.biltrewards.com	www.biltrewards.com
1	www2.biltrewards.com	www.biltrewards.com
1	www.gstatic.com	www.google.com
1	tvspix.com	www.biltrewards.com
1	cdn.mgln.ai	www.biltrewards.com
1	o441793.ingest.sentry.io	www.biltrewards.com
1	cdn.plaid.com	www.biltrewards.com
1	cdn.deviceinf.com	www.biltrewards.com
1	biltrewards.com	1 redirects
0	conversions-config.reddit.com Failed	www.biltrewards.com
256	39

This site contains links to these domains. Also see Links.

Domain
instagram.com
twitter.com
facebook.com
youtube.com
www.linkedin.com
legal.biltrewards.com
biltrewards.zendesk.com
bilt.page.link
biltrewards.com
www.biltalliance.com
newsroom.biltrewards.com

Subject Issuer	Validity	Valid
www.biltrewards.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
deviceinf.com Cloudflare Inc ECC CA-3	`2024-01-08` - `2024-12-31`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
transcend-cdn.com GTS CA 1P5	`2024-03-20` - `2024-06-18`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
mgln.ai E1	`2024-02-08` - `2024-05-08`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
tvspix.com Amazon RSA 2048 M03	`2024-03-25` - `2025-04-24`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
decagon.ai R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
www2.biltrewards.com R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
flags.biltrewards.com GTS CA 1D4	`2024-02-18` - `2024-05-18`	3 months	crt.sh
static.biltrewards.com GTS CA 1D4	`2024-03-13` - `2024-06-11`	3 months	crt.sh
id.biltrewards.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
vercel-insights.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
framerusercontent.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-14`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
events.framer.com Amazon RSA 2048 M01	`2023-04-26` - `2024-05-23`	a year	crt.sh
sync-transcend-cdn.com Cloudflare Inc ECC CA-3	`2023-06-02` - `2024-05-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-03` - `2024-04-02`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.biltrewards.com/
Frame ID: B97A42F07979175D478E8DBA43630C77
Requests: 113 HTTP requests in this frame

Frame: https://www2.biltrewards.com/
Frame ID: 43DE9057A31B817C423A6562036452F4
Requests: 146 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly93d3cuYmlsdHJld2FyZHMuY29tOjQ0Mw..&hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=892a0a6hhmdx
Frame ID: 18937EF11FFB073A9456B488101DB8D9
Requests: 1 HTTP requests in this frame

Frame: https://decagon.ai/demo/bilt?defaultVisibility=hidden
Frame ID: 360E55746A8447F6DCA092CA0FD75A1B
Requests: 1 HTTP requests in this frame

Frame: https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
Frame ID: 67335F2533750C72BE06ADAA26A9E6DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bilt Rewards

Page URL History Show full URLs

http://biltrewards.com/ HTTP 307
https://biltrewards.com/ HTTP 301
https://www.biltrewards.com/ Page URL

Detected technologies

DatoCMS (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+https://www\.datocms-assets\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha

Page Statistics

256
Requests

96 %
HTTPS

32 %
IPv6

27
Domains

39
Subdomains

36
IPs

4
Countries

7538 kB
Transfer

17020 kB
Size

28
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/BiltRewards

Search URL Search Domain Scan URL

URL: https://twitter.com/BiltRewards

Search URL Search Domain Scan URL

URL: https://facebook.com/biltrewards

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCCJoaLWfOJeBx6fD8K58nuQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/biltrewards

Search URL Search Domain Scan URL

URL: https://legal.biltrewards.com/policies
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://biltrewards.zendesk.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://bilt.page.link/app
Title: App

Search URL Search Domain Scan URL

URL: https://biltrewards.com/p/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.biltalliance.com/
Title: Bilt for Real Estate Partners

Search URL Search Domain Scan URL

URL: https://newsroom.biltrewards.com/
Title: Newsroom

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://biltrewards.com/ HTTP 307
https://biltrewards.com/ HTTP 301
https://www.biltrewards.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://mgln.ai/pixel/sync.gif HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3365&partner_device_id=ed883342-0be5-4d27-9e5e-5bb22a400e13&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3365&partner_device_id=ed883342-0be5-4d27-9e5e-5bb22a400e13&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://eu.mgln.ai/pixel?tapad_id=8d7e58b8-0496-417a-a8a0-f85a59e447fa

Request Chain 117

https://rp.liadm.com/j?dtstmp=1711424780219&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 189

https://rp.liadm.com/j?dtstmp=1711424780219&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 209

https://rp.liadm.com/j?dtstmp=1711424780219&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 258

https://rp.liadm.com/j?dtstmp=1711424780219&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 0
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 266

https://rp.liadm.com/p?dtstmp=1711424781390&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 302
https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424781390&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Request Chain 267

https://rp.liadm.com/p?dtstmp=1711424781390&aid=b-00ri&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTE0MjQ3ODAyMTkmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHN3ZHZkLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzExNDI0NzgwMjE5JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&wpn=lc-bundle&cd=.biltrewards.com&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4 HTTP 302
https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTE0MjQ3ODAyMTkmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHN3ZHZkLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzExNDI0NzgwMjE5JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424781390&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

256 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.biltrewards.com/
Redirect Chain

http://biltrewards.com/
https://biltrewards.com/
https://www.biltrewards.com/

26 KB
8 KB

296ms
234ms

Document
text/html

76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

0caaed1508f164e113063d5e0e7230d242ce28e70626b810496c46c6bb67501c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 03:46:19 GMT
referrer-policy: origin
server: Vercel
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-content-type-options: nosniff
x-matched-path: /
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: cle1
x-vercel-id: fra1::cle1::kjnjj-1711424779398-e45583a32768
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 26 Mar 2024 03:46:19 GMT
location: https://www.biltrewards.com:443/

GET
H2 200 webpack-0393b73681b9c9ba.js Show response
www.biltrewards.com/_next/static/chunks/ 5 KB
5 KB 25ms
25ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/webpack-0393b73681b9c9ba.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2f543ba6ad9acd2c8bbd2d094b64fcfc090d026d600591b23e8324fd1d014b42

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26819
content-disposition: inline; filename="webpack-0393b73681b9c9ba.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::skdqx-1711424779639-017da5455942
x-matched-path: /_next/static/chunks/webpack-0393b73681b9c9ba.js
etag: W/"05426032b618c73e2baea8e8532eef62"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 2898fb94-f8b8b612d4af854e.js Show response
www.biltrewards.com/_next/static/chunks/ 168 KB
57 KB 24ms
24ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/2898fb94-f8b8b612d4af854e.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8f0120e0189536f077e550f982fe1487fa021c0665295cc93095ebc50a872926

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26818
content-disposition: inline; filename="2898fb94-f8b8b612d4af854e.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::j2n8l-1711424779639-dee0d66a003a
x-matched-path: /_next/static/chunks/2898fb94-f8b8b612d4af854e.js
etag: W/"c49c30c143009a2692516bade933a4bb"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 1572-9b7e73a3439ce0d2.js Show response
www.biltrewards.com/_next/static/chunks/ 125 KB
38 KB 35ms
33ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/1572-9b7e73a3439ce0d2.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

926667709735abc354694cafe5a6f921534e361a9a44fa1fb553a09a6f934d68

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26818
content-disposition: inline; filename="1572-9b7e73a3439ce0d2.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::j2n8l-1711424779650-2f60654b4924
x-matched-path: /_next/static/chunks/1572-9b7e73a3439ce0d2.js
etag: W/"5b08d7aa63860b5a13e758d62ff67770"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 main-app-e393c4ca7686f0a7.js Show response
www.biltrewards.com/_next/static/chunks/ 2 KB
4 KB 34ms
32ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/main-app-e393c4ca7686f0a7.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ab6c7fe241de4b6bac4a005db3753fa9608a1abfba9c5992e7dec7ba9c06f770

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26818
content-disposition: inline; filename="main-app-e393c4ca7686f0a7.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::w9m2z-1711424779650-f479348bdf54
x-matched-path: /_next/static/chunks/main-app-e393c4ca7686f0a7.js
etag: W/"0074782aa16fbe740b30617cb9acd679"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 d7bc610a-6fae3b11e3c708f3.js Show response
www.biltrewards.com/_next/static/chunks/ 120 KB
41 KB 52ms
50ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/d7bc610a-6fae3b11e3c708f3.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

16c8ce0020feedc9ba2a4ae6860899e8bce45f1d572e5900063b9fad8568d8a3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26818
content-disposition: inline; filename="d7bc610a-6fae3b11e3c708f3.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::kjnjj-1711424779650-3135b2ec0c6c
x-matched-path: /_next/static/chunks/d7bc610a-6fae3b11e3c708f3.js
etag: W/"b2b4a14b8fdd40b03a9ddc22beeaa6dd"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7760-1d941d7dd94d789c.js Show response
www.biltrewards.com/_next/static/chunks/ 37 KB
17 KB 68ms
66ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7760-1d941d7dd94d789c.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5301795a6b41d47880c38848382c017bf424c9d840f8509dd1bd32df4c12afab

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26818
content-disposition: inline; filename="7760-1d941d7dd94d789c.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::g8fnr-1711424779651-3f618698c743
x-matched-path: /_next/static/chunks/7760-1d941d7dd94d789c.js
etag: W/"78eb44a15edb852ffaa614472b2791c8"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 4310-4834e0670728ad52.js Show response
www.biltrewards.com/_next/static/chunks/ 15 KB
8 KB 35ms
34ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/4310-4834e0670728ad52.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

79ccbd0e8a92a156846969b08bbcb223f9b6052138c1a08c94bea40422ff150d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26818
content-disposition: inline; filename="4310-4834e0670728ad52.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::skdqx-1711424779650-621748135f62
x-matched-path: /_next/static/chunks/4310-4834e0670728ad52.js
etag: W/"3451a28baf620026a4cb0f121ec32612"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 5902-991095c944b75a9f.js Show response
www.biltrewards.com/_next/static/chunks/ 298 KB
97 KB 66ms
64ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d85f6d8aada92f5096c64f8f75a1fb737ead4bb8b8f7f905dc8012ff17a2b16b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26817
content-disposition: inline; filename="5902-991095c944b75a9f.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cn8rh-1711424779651-1721bb371122
x-matched-path: /_next/static/chunks/5902-991095c944b75a9f.js
etag: W/"4cdaf732f855089cce93fdd5a09a70c2"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 6873-19403cb93e85ea1d.js Show response
www.biltrewards.com/_next/static/chunks/ 102 KB
38 KB 70ms
68ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/6873-19403cb93e85ea1d.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8b2bceb15f2fac51a49b570f0acd48428b768f40b01e38f0bcb9c3d99de0d840

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26817
content-disposition: inline; filename="6873-19403cb93e85ea1d.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::sg59t-1711424779651-5bd1f5b37ef3
x-matched-path: /_next/static/chunks/6873-19403cb93e85ea1d.js
etag: W/"0f976592451f937d00726261f45c44bb"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 5833-d6c0830e88e35de6.js Show response
www.biltrewards.com/_next/static/chunks/ 10 KB
6 KB 63ms
61ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/5833-d6c0830e88e35de6.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f066807b17348a537404044b05d4a9ef19507b9f3f1da220202e83f84d9b36e0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26817
content-disposition: inline; filename="5833-d6c0830e88e35de6.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::j2n8l-1711424779656-61f34f873967
x-matched-path: /_next/static/chunks/5833-d6c0830e88e35de6.js
etag: W/"adb3d79f68f90b2d775aefd807459a06"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 4329-45d3255f003d06cc.js Show response
www.biltrewards.com/_next/static/chunks/ 160 KB
56 KB 56ms
55ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/4329-45d3255f003d06cc.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

52c2f4e7ae21624ef4ca9b38c4b0bd703fc2b6255167fa088377c0656530486b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26817
content-disposition: inline; filename="4329-45d3255f003d06cc.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::w9m2z-1711424779657-821dee5a8f93
x-matched-path: /_next/static/chunks/4329-45d3255f003d06cc.js
etag: W/"e8c8c92c5ee7c5c88884a81b42f239b3"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 2355-df954dc39e7da27f.js Show response
www.biltrewards.com/_next/static/chunks/ 5 KB
5 KB 85ms
84ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/2355-df954dc39e7da27f.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0344d881cc333973c5860de042de941d42aa1ab2eba1c6418920fb7e9c1bc46f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26816
content-disposition: inline; filename="2355-df954dc39e7da27f.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::ddb6l-1711424779657-b237503f1919
x-matched-path: /_next/static/chunks/2355-df954dc39e7da27f.js
etag: W/"6a6f0d30ce7f669754299768deff34d2"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 3838-71a004454d74c8c3.js Show response
www.biltrewards.com/_next/static/chunks/ 40 KB
17 KB 65ms
64ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/3838-71a004454d74c8c3.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6453508d032caa771b0ddd00791fba5b71ddfc35cf4bb4d5f5cde5996a9c8111

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26816
content-disposition: inline; filename="3838-71a004454d74c8c3.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::skdqx-1711424779657-f0ac74a9e0da
x-matched-path: /_next/static/chunks/3838-71a004454d74c8c3.js
etag: W/"d442f4384f722dfe32556e2559d1a9a5"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7114-5c502e63f47448ad.js Show response
www.biltrewards.com/_next/static/chunks/ 17 KB
9 KB 55ms
54ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7114-5c502e63f47448ad.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bdb43885d32a665b4f99e3d26c33b12b678b29bc634a5f40039532177074a016

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26815
content-disposition: inline; filename="7114-5c502e63f47448ad.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::kjnjj-1711424779657-208d54c1d859
x-matched-path: /_next/static/chunks/7114-5c502e63f47448ad.js
etag: W/"a24597db1b6bc9c46896314f1283c161"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 7804-bb3594003acd3b76.js Show response
www.biltrewards.com/_next/static/chunks/ 27 KB
12 KB 88ms
87ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/7804-bb3594003acd3b76.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e2ca97016a5c7173d0d465ace4fc7994c40cf59af44d0c63a2c72c4c6d35c905

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26815
content-disposition: inline; filename="7804-bb3594003acd3b76.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zlvm5-1711424779671-b38edb24fe13
x-matched-path: /_next/static/chunks/7804-bb3594003acd3b76.js
etag: W/"ac1ae251382cf57300718a85bef4a084"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 1044-6f3c99be24b4637f.js Show response
www.biltrewards.com/_next/static/chunks/ 224 KB
73 KB 77ms
76ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/1044-6f3c99be24b4637f.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c519dbc1262e2eae86cad5d0fed1b32d1e68e77c6bef3088b6cd0dd3fbf00635

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26817
content-disposition: inline; filename="1044-6f3c99be24b4637f.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::5f2bp-1711424779657-48a4a300e22f
x-matched-path: /_next/static/chunks/1044-6f3c99be24b4637f.js
etag: W/"d064d89ad20dfa06ec24a545b2ee16c2"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 3427-c13357d0db649540.js Show response
www.biltrewards.com/_next/static/chunks/ 350 KB
86 KB 75ms
74ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/3427-c13357d0db649540.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

53705bf478d47132963db34c4b8e919ef343eed76cf82d16532aa3c3342ed27b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26817
content-disposition: inline; filename="3427-c13357d0db649540.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::lbxpl-1711424779657-cdb6fe67e90b
x-matched-path: /_next/static/chunks/3427-c13357d0db649540.js
etag: W/"23c8e21146b5e733205334e06d45cb71"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 5831-86942244d65db955.js Show response
www.biltrewards.com/_next/static/chunks/ 10 KB
6 KB 78ms
77ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/5831-86942244d65db955.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ae4626d73dba7dc3c0bf84b05554f94e85940e53bf06dacfe25d8b71455bc3d1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26815
content-disposition: inline; filename="5831-86942244d65db955.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::d2zs8-1711424779657-01f64809f30a
x-matched-path: /_next/static/chunks/5831-86942244d65db955.js
etag: W/"d0bad30fcdcc4c2889cca9c18baedce7"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 9026-500b34b33c0072d2.js Show response
www.biltrewards.com/_next/static/chunks/ 76 KB
27 KB 76ms
75ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/9026-500b34b33c0072d2.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

38ff9e4f2b2974d39d0461a82ef82680b3b0cf712a0b2ebe5b7bb712c82c1b9f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26815
content-disposition: inline; filename="9026-500b34b33c0072d2.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::9m55t-1711424779657-9108b3251065
x-matched-path: /_next/static/chunks/9026-500b34b33c0072d2.js
etag: W/"c8fee204a1f7fe87a86cf8a10b652f5f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 layout.page-a7017af000fd0eba.js Show response
www.biltrewards.com/_next/static/chunks/app/ 77 KB
25 KB 77ms
77ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/app/layout.page-a7017af000fd0eba.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fea3a6970ec3a1d6d7ec8758981775414b0e44667ba41be37aceca4c8b4bfe52

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26815
content-disposition: inline; filename="layout.page-a7017af000fd0eba.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::46qc4-1711424779657-daef23394e37
x-matched-path: /_next/static/chunks/app/layout.page-a7017af000fd0eba.js
etag: W/"4b8e66cf8d124598acc57a9b1103e07b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 ada-compliance.js Show response
www.biltrewards.com/assets/vendor/ 2 KB
3 KB 42ms
41ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/assets/vendor/ada-compliance.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

409c45f4c5dba51089b142af082a8c9595854b2d225b02996347b00d92d2a95d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26819
content-disposition: inline; filename="ada-compliance.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::w9m2z-1711424779641-dbee1f38a721
x-matched-path: /assets/vendor/ada-compliance.js
etag: W/"3e0347161bc15628d0f698ac48a39acf"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H3 200 agent.js Show response
cdn.deviceinf.com/js/v4/ 310 KB
99 KB 78ms
43ms Script
application/javascript 172.67.136.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.deviceinf.com/js/v4/agent.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P4
age: 346
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
server: cloudflare
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzIPC55hUbHKvfETIde1Mb6imotmqtH6UjIivt5uO%2B5AaWDDVGk%2BOu%2FZucnDHjAT49krXGSwtTdc7PU95FzvPwehTMLptDXRGbOgZQF8EEqrmB%2Ff8tXa5LFh3XXoKNRe%2FgUkpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86a42728fa082bb8-FRA
x-amz-cf-id: n6SNIe6bznhJgQg0ZGZXYEgW9oRWjCHhJFtlCVxu612WzUwy3lUfvQ==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 147 KB
41 KB 134ms
50ms Script
text/javascript 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7381dabfeed2ef218e9ddb83a50ff19577e03e6c0c067d0f2e7f53d8496e531d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: sPTCCv6PQEC1lqn0zop5CxZg21KYNb6E
content-encoding: br
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
date: Tue, 26 Mar 2024 02:36:17 GMT
x-amz-request-id: JNAC4HCC3X9SNSM6
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
age: 4203
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: FKGwHAcQfYZUBfRJy5nqll1LTjjBFlYbqPuQEp18Eagqfydtkz+bT+lwOwlVI3ybTtmpgDKh4c+x+nRRK0UqI11JXz1BogkM
last-modified: Mon, 25 Mar 2024 13:48:30 GMT
server: AmazonS3
etag: W/"cc85c2331234db66490de1aef38a0037"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: Q1FloZUKBOuCKDq0NrqnnJClwi8VI5koXLO1SX5moLbdQSi5Qxw0Zw==

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
927 B 79ms
34ms Script
text/javascript 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

56ed889bf113761a49404e292b16e419e8c1a1e290f0afa86e46f9aa519197f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 26 Mar 2024 03:46:19 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 105 KB
43 KB 271ms
209ms Script
text/javascript 172.66.43.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193f70e3ef4fb576a502cd67546306e9ec798eb04db2cbb8f42e19b719f75fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"f40739130aa0cc889c7fc63c2ffe78ae"
expect-ct: max-age=86400, enforce
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
cf-ray: 86a427292ec939ce-FRA

GET
H2 200 9555.7c013940cfaea004.js Show response
www.biltrewards.com/_next/static/chunks/ 3 KB
4 KB 145ms
136ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/9555.7c013940cfaea004.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-0393b73681b9c9ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f422f925915513f143a6eee36301ae4d38627dc7007c51abd711e6b5baeb1f04

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26467
content-disposition: inline; filename="9555.7c013940cfaea004.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::zlvm5-1711424779795-1fd5e77327d3
x-matched-path: /_next/static/chunks/9555.7c013940cfaea004.js
etag: W/"9223621128f53c9a3d52661b568da937"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 9ffa21ba-a4dee154b5376911.js Show response
www.biltrewards.com/_next/static/chunks/ 68 KB
28 KB 27ms
23ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/9ffa21ba-a4dee154b5376911.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-0393b73681b9c9ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bd74db3897814eea3855e048e8896dfd9afa3cf6b76df3a85c8b897d3cd502f9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26561
content-disposition: inline; filename="9ffa21ba-a4dee154b5376911.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::gjcvb-1711424779727-f12fefbf085e
x-matched-path: /_next/static/chunks/9ffa21ba-a4dee154b5376911.js
etag: W/"091d58abb806fc971605cd248d5808f3"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

GET
H2 200 page.page-c73796840a19bf3c.js Show response
www.biltrewards.com/_next/static/chunks/app/ 4 KB
5 KB 25ms
21ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/_next/static/chunks/app/page.page-c73796840a19bf3c.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/webpack-0393b73681b9c9ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7ac3cd56eadcd424cbadfd038defd683d1c72bf1ddaae70b3c643401f088a880

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 26467
content-disposition: inline; filename="page.page-c73796840a19bf3c.js"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::5f2bp-1711424779727-1a568d7f2bae
x-matched-path: /_next/static/chunks/app/page.page-c73796840a19bf3c.js
etag: W/"7af8cb0856a8c3aed148418d73b67220"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable

POST
H2 200 / Show response
o441793.ingest.sentry.io/api/5823479/envelope/ 2 B
299 B 77ms
21ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o441793.ingest.sentry.io/api/5823479/envelope/?sentry_key=50f039ff934e419597bde8e7652fc3d8&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.99.0

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
94 KB 83ms
39ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/app/layout.page-a7017af000fd0eba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10ed612bf01181f7831121fba1f8755689e77062486ac6f8578eab7403733f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95807
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 03:46:19 GMT

GET
H2 200 pixel.min.js Show response
cdn.mgln.ai/ 4 KB
2 KB 82ms
26ms Script
application/javascript 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mgln.ai/pixel.min.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/app/layout.page-a7017af000fd0eba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ccd0c0f3d7a88ddbae1648ae059a9e2a52540e691a7af0df30e4d3b2292bbc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
x-amz-version-id: Qluw.Dmpsqk5N8uDOhUTz5or_W6D3CxC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3A8R91BMW2FPZZXB
age: 3307
x-amz-server-side-encryption: AES256
x-amz-id-2: 1M+zmkXPHkyQ0gCfduAq6wWLe59+4IU+uynyc+iub4Fu1ov/GHVz2ExtTtNEw3Mf3oa2Lr6HIQ8=
last-modified: Thu, 08 Dec 2022 20:53:16 GMT
server: cloudflare
etag: W/"37bf51efaf3af89068b080c2d9635113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uC94MvFLhWc8gpCC7As4kxvJLQ%2FqnHrTMPbDwXesSqRxKyJRvkX0%2FqPxVTUOSwrRR8H8CpvLYzBYgxhsdfGTTotmiS2nMKSE5z4zbWMHjOJY%2Bn9xKLf8sBNooNtGUTYGFrzDCqkIJ1nq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86a4272a094e900c-FRA

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/ 108 KB
29 KB 716ms
659ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/app/layout.page-a7017af000fd0eba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84699ac3ebafd533bb69251643067471aa56ed453a127636e8708311edc145ad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: w3pXlSH0tsMNnZgtLwwS.42KPIr7BB7B
content-encoding: br
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date: Tue, 26 Mar 2024 03:46:21 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 11 Mar 2024 10:58:54 GMT
server: AmazonS3
etag: W/"42bb0ab34a46ea7da53a6657eea9656e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: But2LHeJG-qM-z8jLnZ0qxKRYDQt9CaK5ptPLGRqZjvJkWyyrIr4Ag==

GET
H2 200 t.png
tvspix.com/ 68 B
194 B 1042ms
186ms Image
image/png 44.231.85.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?&t=1711424779785&l=tvscientific-pix-o-946859a1-af7d-49da-bef5-a1dcf030077a&u3=https%3A%2F%2Fwww.biltrewards.com%2F
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.231.85.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-85-219.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 26 Mar 2024 03:46:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 68
expires: 0

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 86ms
18ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/assets/vendor/ada-compliance.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b2e3f16ae511e86bb8f35bedc5ec535f6db1a240e256ea032e0d295ec9231d06

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:19 GMT
via: 1.1 20bac96d0c0df74d5e600294d22661e6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 786
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 2452
x-accel-date: 1711422327
x-77-nzt: EgwBw7WvDgH3lAkAAAwBnJIhHwH3egEAAA
x-accel-expires: @1711425927
x-77-age: 2830
last-modified: Fri, 22 Mar 2024 12:49:42 GMT
server: CDN77-Turbo
etag: W/"129ee7922b92960062be5efeed043099"
x-77-nzt-ray: 90833930d6aa55a10b4502668eb19734
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: nQSOmO1Rzby-2MjUug1YpkVh8wtmFTTqY8iOkTJd-RFQ04eCrjerVw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/ 502 KB
201 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4ddb0e0c3bda5d6e61d56a544a7ff9ea3691eaa5126187daa6ed1875ba93e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 18:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204859
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 04:00:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Mar 2025 18:29:43 GMT

GET
H2 200 bilt.js Show response
decagon.ai/loaders/ 3 KB
1 KB 107ms
34ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://decagon.ai/loaders/bilt.js

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/2898fb94-f8b8b612d4af854e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fa10a41a8fd89e1784da2ae09f9d4f1cee48e98161e3ab35ec20cd9e2d9fba47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::t2982-1711424779930-ea0e0375a540
age: 192217
x-matched-path: /loaders/bilt.js
etag: W/"653cacd6241644d8457a997c6cf05e54"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="bilt.js"

GET
H2 200 / Show response
www2.biltrewards.com/ Frame 43DE 2 MB
185 KB 160ms
45ms Document
text/html 52.223.52.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.biltrewards.com/

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/2898fb94-f8b8b612d4af854e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.223.52.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0b1d980e1f2226c6.awsglobalaccelerator.com

Software

Caddy/0a07437 /

Resource Hash

7e9a6836b171f4587dd193f71510537bae99c29c96f5b72ae0882d524c8c64e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 188479
content-type: text/html
date: Tue, 26 Mar 2024 03:46:19 GMT
etag: "c65fd941b6ab190b945ba25adfa55e1a"
last-modified: Mon, 26 Feb 2024 16:18:29 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Caddy/0a07437
server-timing: region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="0a07437"
strict-transport-security: max-age=31536000
vary: Accept-Encoding

OPTIONS
H2 200 frontend
flags.biltrewards.com/api/ Frame 0
0 284ms
214ms Preflight 34.160.241.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://flags.biltrewards.com/api/frontend?sessionId=621604425&appName=bilt-rewards&environment=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.241.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.241.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: OPTIONS, CONNECT, HEAD, PATCH, TRACE, POST, PUT, DELETE, GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 26 Mar 2024 03:46:19 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 GT-America-Standard-Medium.woff2
static.biltrewards.com/fonts/ 56 KB
56 KB 120ms
44ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Standard-Medium.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 02:55:22 GMT
age: 3057
x-guploader-uploadid: ABPtcPpyfhY7K2a0IaBMyi6ZqHDbsqPYrX44Ve21SS-Vla7ohhk5fA3IWviK0BXCGk_5I771IO4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57076
last-modified: Wed, 24 May 2023 18:38:03 GMT
server: UploadServer
etag: "63dc66a0acb63f7b9c52d3a1996896dc"
vary: Origin
x-goog-generation: 1684953483763390
x-goog-hash: crc32c=rAUnxg==, md5=Y9xmoKy2P3ucUtOhmWiW3A==
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 57076
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 GT-America-Standard-Regular.woff2
static.biltrewards.com/fonts/ 57 KB
57 KB 98ms
22ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Standard-Regular.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 02:55:23 GMT
age: 3056
x-guploader-uploadid: ABPtcPq7Vqo1je9cEJQ_MBItoJ5psCuVBdEL53CP7Ts-txZ8FnKSo38EJpMHR_pXang6PLXiLBcgKs7ZErsqpZ4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-x-goog-reserved-source-generation: 1668523730209285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58164
last-modified: Mon, 20 Mar 2023 23:30:32 GMT
server: UploadServer
etag: "34faea2a319852842506af0b1871af2f"
vary: Origin
x-goog-generation: 1679355032260337
x-goog-hash: crc32c=3JtdcA==, md5=NPrqKjGYUoQlBq8LGHGvLw==
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 58164
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 rent-day Show response
www.biltrewards.com/api/ 161 B
3 KB 305ms
304ms XHR
application/json 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/api/rent-day

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

39e2844db8d5dccd00488dd7d9e1a76ba7d81f7f799e45e56d3bc3728b54ed5a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
date: Tue, 26 Mar 2024 03:46:20 GMT
referrer-policy: origin
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::cle1::zlvm5-1711424779914-dc22fd4da5bd
age: 0
x-content-type-options: nosniff
etag: "12h9urkqc0w4h"
x-vercel-cache: MISS
x-matched-path: /api/rent-day
content-type: application/json; charset=utf-8
cache-control: public
content-length: 161
x-xss-protection: 1; mode=block

GET
H2 400 token Show response
id.biltrewards.com/public/user/authentication/ 164 B
407 B 286ms
222ms XHR
application/json 34.110.183.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://id.biltrewards.com/public/user/authentication/token
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.183.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.183.110.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 76eb6e919e16fb2d7f371bc82268e202723b5d022aea7ad97c6b43dfaa115a33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
content-type: application/json;
access-control-allow-origin: https://www.biltrewards.com
x-cloud-trace-context: 4bbee6e4e05bfaf2719be22f3c98a991
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162

GET
H2 200 frontend Show response
flags.biltrewards.com/api/ 4 KB
823 B 142ms
141ms Fetch
application/json 34.160.241.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://flags.biltrewards.com/api/frontend?sessionId=621604425&appName=bilt-rewards&environment=default
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.241.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.241.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 118582ac1cf7e0f1fd21d342075d79b0efffb67feeb65a8dc519f1dcc17be257

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bilt-frontend:production.4ecbf2972c41cd20e95e223a3a8f1be63d54d659b61391749811b96e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.biltrewards.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: br
via: 1.1 google
etag: W/"10a1-SdoaVH24KwMxZMliYOESNA=="
vary: accept-encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
www.biltrewards.com/ 80 B
3 KB 241ms
241ms Fetch
text/x-component 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/?_rsc=acgkz

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

4c64c0418bf3e7b1432b463691b4134b83ab6e4d459deebfb7a6e9df4d9e1c29

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Next-Router-Prefetch: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Next-Url: /
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:19 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::kkv9q-1711424779921-c7fa1618981b
x-matched-path: /index.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 404 terms
www.biltrewards.com/ 29 B
0 248ms
247ms Fetch
text/html 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/terms?_rsc=acgkz

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Next-Router-Prefetch: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Next-Url: /
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
date: Tue, 26 Mar 2024 03:46:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
x-imgix-id: 562148e6f3d2c99baa7925343384ec38db753b97
x-status: MISS
content-length: 29
x-xss-protection: 1; mode=block
x-served-by: cache-sjc1000090-SJC, cache-fra-eddf8230071-FRA
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::gjcvb-1711424779921-80bd4192253c
vary: Accept-Encoding
content-type: text/html,text/html
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
cf-ray: 86a4272a8982bb56-FRA
timing-allow-origin: *

GET
H2 404 bilt-platform-terms-of-use
www.biltrewards.com/terms/ 29 B
0 654ms
654ms Fetch
text/html 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/terms/bilt-platform-terms-of-use?_rsc=acgkz

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Next-Router-Prefetch: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Next-Url: /
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
date: Tue, 26 Mar 2024 03:46:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
x-imgix-id: 30a390817495c130e40a9548b7037e6cbeadef05
x-status: MISS
content-length: 29
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10026-SJC, cache-fra-eddf8230028-FRA
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::5f2bp-1711424779921-8ec58cd00679
vary: Accept-Encoding
content-type: text/html,text/html
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
cf-ray: 86a4272a9c634dc3-FRA
timing-allow-origin: *

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
166 B 270ms
163ms Ping
text/plain 34.251.175.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/1572-9b7e73a3439ce0d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.175.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-175-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 204 init Show response
mgln.ai/ 0
1 KB 237ms
228ms XHR
text/plain 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/init

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D
x-request-id: 3eeafd20-e68c-4e14-93f0-d6b146383a99
x-runtime: 0.001173
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 86a4272a9974900c-FRA

GET
H2 200 widget_app_base_1711111645169.js Show response
cdn.userway.org/widgetapp/2024-03-22-12-47-25/ 151 KB
43 KB 72ms
36ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/widget_app_base_1711111645169.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b3c03f17029f497fe1bf6a3444a93bd564779b9258ca4afa85f652f74b2b2c7d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:19 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 591
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311759
x-accel-date: 1711113020
x-77-nzt: EgwBw7WvDgH3z8EEAAwBJRPCNAH3PAIAAA
x-accel-expires: @1737032448
x-77-age: 312331
last-modified: Fri, 22 Mar 2024 12:49:36 GMT
server: CDN77-Turbo
etag: W/"1c26724162adaea31f96227c8aca0d74"
x-77-nzt-ray: 908339303bac00a20b4502660d161c39
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: 9i__PuUSnnI2ggr0FTH65S9BZ5-qJWnTh3xLlIzspoTPXLCiITg8qg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10874839969&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18316abe74ac65f47a5d06b502b51d04cf1e91848379da81bbd7448346f8aba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87879
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 03:46:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
94 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QLSYZKSM0E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0d7f1099e8a38877c4481bd8b9d4a85f48aa2018c43e03bc4859849ea7887c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 03:46:19 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 83ms
19ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Feb 2024 20:38:48 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "9a680c8c475d8bba600d4d87b4fa7ee5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8702

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 220ms
144ms Script
application/javascript 173.222.108.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G398RC77U9N0P9KPM0&lib=ttq
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.222.108.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-108-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 09cbe8bf5c69cd627906b8da49872816f098d7cfcd314e9088c65e18e8909002

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: dc2255d2.2abfe259
date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403260346204581F9DF9F95FB6DB519-1258929672CA3E72-00
x-cache: TCP_MISS from a173-222-108-36.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
x-parent-response-time: 100,173.222.108.36
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=8, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202403260346204581F9DF9F95FB6DB519
x-cache-remote: TCP_MISS from a23-48-100-39.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.48.100.39
x-tt-trace-host: 015c91947f38d3c27845e9b099943b1b0d352f93d1b70f1c59c809968c791e6222a9c8b3356887021a015218ebcd18c19e05af486bf4dd29ecdca5d10146a65b61575cb7c8a1722a9abe77e5ac341add66c16c28e930ad8e029e6a0a360d9d92ddbd326681a98be4c86798f71deabe92bd
expires: Tue, 26 Mar 2024 03:46:20 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 222ms
168ms Script
text/javascript 3.65.91.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.65.91.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-91-158.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9675f2c47b2cbc7dbce3ed06cc60e88f36f3915dc9472c86c9d0e7b37fe17488

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 26 Mar 2024 03:46:20 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 b-00ri.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 75ms
21ms Script
application/javascript 2600:9000:275d:aa00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/b-00ri.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:aa00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b220223a8800d05dc359ab6bd8cb71e35cf06dde9bedc2f5d9014df3b1e4e1ac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 15:35:15 GMT
content-encoding: gzip
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 43864
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: j-ziTqyorBXH0PP4HbQPHHNyMiXH8Wpe6ohXJGsljWwqWMsb7szBeQ==

GET
H3 200 ui.js Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 295 KB
83 KB 202ms
162ms Script
text/javascript 172.66.43.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87a3392313500de980b01445d72f2f7e95bc0d26d5f938bb2f1a7ab569caf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 42233
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"2ff4fae52b8ac954d5874b92987806e9"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 86a4272afb5718d3-FRA
expires: Tue, 26 Mar 2024 03:47:20 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 1893 0
0 223ms
55ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdUsBMkAAAAAGCY6fvbV46vZCjoomh2kmbSEGnc&co=aHR0cHM6Ly93d3cuYmlsdHJld2FyZHMuY29tOjQ0Mw..&hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=892a0a6hhmdx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TwI9xNHjsu3zmuHw8GLUWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TwI9xNHjsu3zmuHw8GLUWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Mar 2024 03:46:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 chunk-2VHEOU5P.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 43DE 237 B
1 KB 161ms
20ms Script
text/javascript 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-2VHEOU5P.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c5a117528329738aff06f1a4fa77201064d66c403b2bf7cc1724d4a3b957cecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:39:00 GMT
x-amz-version-id: xMv5mTLsm_ovm.yvRM9A3wdmSua9MR0B
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2797641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="OcQKDa3-y08osQ4MOAZZ9zlwJ1fzEZ1qw7RxcZp0l6mJgk565DIi0Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
content-length: 237
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 22 Feb 2024 18:16:00 GMT
server: CloudFront
etag: "3ad91d3dd992ec44287803a612b894dd"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OcQKDa3-y08osQ4MOAZZ9zlwJ1fzEZ1qw7RxcZp0l6mJgk565DIi0Q==

GET
H2 200 chunk-EVVCVOZG.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 43DE 532 KB
159 KB 164ms
23ms Script
text/javascript 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

605070c44d16a9e391ed4c68a3e48dd0efd48f7939cfa088916f39bd18feaa0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:27:58 GMT
x-amz-version-id: N.o208jScWOlDM9p97p_0RrnHpKhswdv
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 2798303
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="TGPAtaLUswboGFg_DYJljk3XU0MlemEpDeOFiYpAdpttAG8b9yI-DA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 22 Feb 2024 18:16:00 GMT
server: CloudFront
etag: W/"1d4c808f31f1907618c4a8438a4e4003"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: TGPAtaLUswboGFg_DYJljk3XU0MlemEpDeOFiYpAdpttAG8b9yI-DA==

GET
H2 200 chunk-ELYU6EKT.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 43DE 447 B
1 KB 205ms
64ms Script
text/javascript 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-ELYU6EKT.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Jan 2024 02:31:13 GMT
x-amz-version-id: KBor7BFQn_pp2zxPGsA.bi5b6hyTs2yW
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 6052508
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="CXO0KGoLt3junr4InUKy0Le2gGDk97OzZHu2_34ERRq_RhS1Io1XMA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 447
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 18:18:07 GMT
server: CloudFront
etag: "bac0d5b5f6a61029b51079932ccda746"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: CXO0KGoLt3junr4InUKy0Le2gGDk97OzZHu2_34ERRq_RhS1Io1XMA==

GET
H2 200 EkYXWq9mwiGOE-a_m1lO60-ZFGli-jQMurVjWGA3Q8E.MVYFFFGH.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 43DE 983 KB
217 KB 207ms
67ms Script
text/javascript 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/EkYXWq9mwiGOE-a_m1lO60-ZFGli-jQMurVjWGA3Q8E.MVYFFFGH.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

46aa7c5d65e6da5049fa9e60e8504241f5014ca7e8a633c7d6905c576ec21145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 26 Feb 2024 16:21:22 GMT
x-amz-version-id: KOTOMgiT3D1DBwXKKTTIHIz.4h31ku_C
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 2460298
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="H6Zxs5yDm8soO0Rm31gVBz95T6nWM3VLgrC6mY3Qfa1lo8ZuZPIQow==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 16:18:27 GMT
server: CloudFront
etag: W/"edd26751c7400569f1886548e6935d2e"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: H6Zxs5yDm8soO0Rm31gVBz95T6nWM3VLgrC6mY3Qfa1lo8ZuZPIQow==

GET
H2 200 chunk-YMXEJLDD.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 43DE 700 B
2 KB 227ms
87ms Script
text/javascript 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-YMXEJLDD.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

1d6ec88f567df6145ff31cc4f634d8c576965b5572838f97f9de77af6c3d3239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 07:46:54 GMT
x-amz-version-id: kqrsrKuANINZi08S3mJ7cUCGizvoSq7Y
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 4132767
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="_0Z5Qz9bWwdPhlRwfcPXEL6YXyDT_t9iQ3JlpKXKyFZyoe4iBPAsTQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 700
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Feb 2024 17:06:44 GMT
server: CloudFront
etag: "f2a1f09b1f23f395f4d6d7dd9f39d37b"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _0Z5Qz9bWwdPhlRwfcPXEL6YXyDT_t9iQ3JlpKXKyFZyoe4iBPAsTQ==

GET
H2 200 chunk-42U43NKG.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 43DE 44 B
959 B 226ms
85ms Script
text/javascript 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-42U43NKG.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 Nov 2023 16:55:56 GMT
x-amz-version-id: evlVAxy7o1HEHfkTxbxNsM7i9okrmm0E
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10061425
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="uH6E3jXrU6PMm_PNJ5YY33vNmFJ1RSTnCn79ZoMC9d721DezvV9zjA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Nov 2023 16:29:22 GMT
server: CloudFront
etag: "f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: uH6E3jXrU6PMm_PNJ5YY33vNmFJ1RSTnCn79ZoMC9d721DezvV9zjA==

GET
H2 200 chunk-UI5YV2OI.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 43DE 743 B
2 KB 226ms
86ms Script
text/javascript 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-UI5YV2OI.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

952562069eacee02ee155b3de4906103a16bfa1100d12f1381185c1fa5b8520c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:39:01 GMT
x-amz-version-id: G4TpoX8hvLza3BXfx.Y_xnbwMbPoA19x
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2797640
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="pmUf-4XpZ1LTpEsf2J4K1OUtM_FBWbUdyaCGr_xFBniqndhDUma-hg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 743
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 22 Feb 2024 18:16:00 GMT
server: CloudFront
etag: "d33ebaed282978fa2bc49a86933fdbdd"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pmUf-4XpZ1LTpEsf2J4K1OUtM_FBWbUdyaCGr_xFBniqndhDUma-hg==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame 43DE 252 KB
82 KB 74ms
22ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3d8d7bae594dd199f2ef12cbebbfcb193e301e7bd987eb0ece6e5102f2beda4c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:22:07 GMT
content-encoding: gzip
age: 1453
x-guploader-uploadid: ABPtcPrlF-3MZQq-CiExfzJlcKYdBLydCXcvhDsxZTokbMreYKO8rVTCHvjW93ULoA_7CvIYbn9K3LSOlg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83656
last-modified: Mon, 25 Mar 2024 18:18:55 GMT
server: UploadServer
etag: "a638bf7f47ea9a583af982bf50d8cf41"
vary: Accept-Encoding
x-goog-generation: 1711390735385292
x-goog-hash: crc32c=xIBA7g==, md5=pji/f0fqmlg6+YK/UNjPQQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 83656
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 26 Mar 2024 04:22:07 GMT

POST
H2 200 TlbN1PqpZB Show response
api.userway.org/api/tunings/ 3 KB
3 KB 749ms
180ms XHR
application/json 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/TlbN1PqpZB
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dd70f11defb6813d738ec19081b31f76cc578f49db6b783142268c28a2182758

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
etag: W/"ab5-pqcuFUPfDaQQmqCwmZNNl+A1bhE"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr64065cc5a9cb49f
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2741
x-service-version: uw-pr

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 145ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QLSYZKSM0E&gtm=45je43p0v874427215z8863411406za200&_p=1711424779783&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1761835513.1711424780&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711424780&sct=1&seg=0&dl=https%3A%2F%2Fwww.biltrewards.com%2F&dt=Bilt%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=843
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLSYZKSM0E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 03:46:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.biltrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET t2_7lmxmkme_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 0
0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 120ms
17ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1711424780074&id=t2_7lmxmkme&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=1ea133c1-9700-48d3-aa11-b636d361ba74&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=800&sw=600&v=rdt_c9439d84&dpm=&dpcc=&dprc=
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

PUT error
conversions-config.reddit.com/v1/pixel/ 0
0

POST
H2 204 view Show response
mgln.ai/ 0
88 B 176ms
175ms XHR
text/plain 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/view

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D
x-request-id: 1c4c19dc-7179-4bb1-afbc-65aa3a163abd
x-runtime: 0.001914
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 86a4272dca44900c-FRA

POST
H2 204 view Show response
mgln.ai/ 0
88 B 242ms
241ms XHR
text/plain 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgln.ai/view

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-length: 0
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D
x-request-id: 8f9071fc-978e-475e-b2c7-691fab324df7
x-runtime: 0.001892
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D"}]}
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 86a4272dca43900c-FRA

GET
H2

200

pixel
eu.mgln.ai/
Redirect Chain

https://mgln.ai/pixel/sync.gif
https://pixel.tapad.com/idsync/ex/receive?partner_id=3365&partner_device_id=ed883342-0be5-4d27-9e5e-5bb22a400e13&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3365&partner_device_id=ed883342-0be5-4d27-9e5e-5bb22a400e13&partner_url=https%3A%2F%2Feu.mgln.ai%2Fpixel%3Ftapad_id%3D%24%7BTA_DEVICE_ID%7D
https://eu.mgln.ai/pixel?tapad_id=8d7e58b8-0496-417a-a8a0-f85a59e447fa

43 B
305 B

123ms
112ms

Image
image/gif

2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.mgln.ai/pixel?tapad_id=8d7e58b8-0496-417a-a8a0-f85a59e447fa

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Server

2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-security-policy: default-src 'self' https:; connect-src 'self' https:; font-src 'self' https:; img-src 'self' https: data:; media-src 'self' https:; object-src 'none'; script-src 'self' https: 'nonce-'; style-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-transfer-encoding: binary
content-disposition: inline; filename="magellan_pixel.gif"; filename*=UTF-8''magellan_pixel.gif
content-length: 43
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D
x-request-id: 41676176-88ae-48ee-b757-1f8cf04ba864
x-runtime: 0.001654
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a065920df8cc4016d67c3a464be90099"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D"}]}
content-type: image/gif
vary: Origin
cache-control: max-age=0, private, must-revalidate
cf-ray: 86a4272eda94900c-FRA

Redirect headers

date: Tue, 26 Mar 2024 03:46:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://eu.mgln.ai/pixel?tapad_id=8d7e58b8-0496-417a-a8a0-f85a59e447fa
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 main.MWIzOGRhOGZjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 425 KB
112 KB 28ms
26ms Script
application/javascript 173.222.108.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9G398RC77U9N0P9KPM0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.222.108.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-108-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2abfe2e7
date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240320221334D98CF267E4E4F57A2C4A
x-tt-trace-id: 00-240320221334D98CF267E4E4F57A2C4A-2F6C6C2E894E8121-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a173-222-108-36.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01498ed8d7d8bda94e14b7ef9e7072de4fd43a93f6a15b5bb2bf9ad504c7fdea710f283b64932c9d3e9e62da0594bf313f376b8c37cd3bd081cf5b60367d757bc47187ecaa5be779cd3004c4c246323ae18aa8ffd45e4c2b451971da8bda9ed7d3
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 114259

OPTIONS
H2 200 view
mgln.ai/ Frame 0
0 161ms
115ms Preflight 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgln.ai/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 86a4272c59099158-FRA
content-length: 0
date: Tue, 26 Mar 2024 03:46:20 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D
server: cloudflare
via: 1.1 vegur

OPTIONS
H2 200 view
mgln.ai/ Frame 0
0 160ms
115ms Preflight 2606:4700:20::ac43:484f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mgln.ai/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:484f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: Set-Cookie
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 86a4272c590a9158-FRA
content-length: 0
date: Tue, 26 Mar 2024 03:46:20 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711424780&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=P8bXsJaC6B06PU74DGE1NE7aQYlieZWUg8JOHyR1CqE%3D
server: cloudflare
via: 1.1 vegur

GET
H2 200 GT-America-Extended-Bold.woff2
static.biltrewards.com/fonts/ 63 KB
63 KB 23ms
23ms Font
application/octet-stream 35.241.5.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.biltrewards.com/fonts/GT-America-Extended-Bold.woff2
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.91 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.5.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4b0bb6d8a058a42f5caa03df8bb35b72fed5a1987f6e10602ceb384ddb10d41a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 02:55:23 GMT
age: 3057
x-guploader-uploadid: ABPtcPpS741RVvkfS-ZLgS7epapgHfgXVZ_QziBSGc9RfDAz1V9_aybtdtIf_9bTl5KGbx7N6rU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-x-goog-reserved-source-generation: 1668523728054486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64096
last-modified: Mon, 20 Mar 2023 23:30:33 GMT
server: UploadServer
etag: "62d21cb9a8474aa65c284dc0af48bc30"
vary: Origin
x-goog-generation: 1679355033778551
x-goog-hash: crc32c=ri+bug==, md5=YtIcuahHSqZcKE3Ar0i8MA==
access-control-allow-origin: https://www.biltrewards.com
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 64096
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 109ms
109ms Stylesheet
text/css 3.65.91.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.65.91.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-91-158.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c6766c0023287016eb2dbee6bd49a65ef0c93ea42c16aaac58baecfea71ae49d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 26 Mar 2024 03:46:20 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 145ms
108ms Fetch
image/jpeg 3.65.91.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.65.91.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-91-158.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 26 Mar 2024 03:46:20 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 script Show response
events.framer.com/ Frame 43DE 16 KB
16 KB 287ms
233ms Script
text/javascript 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/script
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash: 03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 dc929648f0c936ae1fcea0675ad0382c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 15882
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450c-7b5e80cf09b525dd548cf509
x-amzn-requestid: e16a2214-ba92-4e84-8bb6-7e50b2c08635
x-cache: Miss from cloudfront
content-type: text/javascript
timestamp: Tue, 26 Mar 2024 03:41:44 GMT
x-amz-apigw-id: VN-59EtZoAMEHyA=
content-length: 15882
x-amz-cf-id: x0fMRCwZkXfc-RTeRmRHpZv1T8GsPDfcC7G8nDEg9h8vwadLCo6txg==

GET
H3 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame 43DE 176 KB
176 KB 54ms
32ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 7504170
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="x6uO3NQKHJ-MDCOQNYOvvky2uGz8V8MQ3KzwrdoDkx6IPpUQM7vF_g==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: x6uO3NQKHJ-MDCOQNYOvvky2uGz8V8MQ3KzwrdoDkx6IPpUQM7vF_g==

GET
H3 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame 43DE 74 KB
75 KB 44ms
22ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 7454670
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="TBjsCsgXgDSmvD5yEEA0MicBStr6uYSw_ldjLCPS-m2cgFT_uyURbw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TBjsCsgXgDSmvD5yEEA0MicBStr6uYSw_ldjLCPS-m2cgFT_uyURbw==

GET
H2 200 rewards
www.biltrewards.com/ 135 B
0 140ms
138ms Fetch
text/x-component 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards?_rsc=acgkz

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Next-Router-Prefetch: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Next-Url: /
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:20 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::zlvm5-1711424780184-fa040a30dbcb
x-matched-path: /rewards.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 rent Show response
www.biltrewards.com/account/ 211 B
422 B 280ms
279ms Fetch
text/x-component 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/account/rent?_rsc=acgkz

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

20b99a9ae587853441143a0738df5a9b3d65670ee8bdb500ae802e1564b1b428

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Next-Router-Prefetch: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Next-Url: /
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:20 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::kkv9q-1711424780184-3637c386cdf9
x-matched-path: /account/rent.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 dining Show response
www.biltrewards.com/rewards/ 159 B
3 KB 282ms
281ms Fetch
text/x-component 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards/dining?_rsc=acgkz

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

7fe49fbb635916cad080c5daf71c3497881aceca76fc71b300c426ca3193dece

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Next-Router-Prefetch: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Next-Url: /
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:20 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::gjcvb-1711424780184-e0dca3a138ad
x-matched-path: /rewards/dining.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 travel Show response
www.biltrewards.com/rewards/ 159 B
3 KB 146ms
146ms Fetch
text/x-component 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/rewards/travel?_rsc=acgkz

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

d2e7974e58a34293fe1a5e5ca4f9525bf35ff509b98d2b7aebe50d7a6f57d718

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Next-Router-Prefetch: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Next-Url: /
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:20 GMT
strict-transport-security: max-age=63072000
age: 0
x-powered-by: Next.js
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cle1::j2hsr-1711424780184-1d8395fb9901
x-matched-path: /rewards/travel.rsc
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-vercel-execution-region: cle1
content-type: text/x-component
cache-control: private, no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 Bxu6GY24oplllZd0X0beaOpeu1Y.png
framerusercontent.com/images/ Frame 43DE 33 KB
34 KB 91ms
51ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Bxu6GY24oplllZd0X0beaOpeu1Y.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 21:04:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 15489731
x-amzn-requestid: 47a703ad-c5a4-4663-a7ca-41b0215b5529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="NLfz1MS3tX8fdqFeeGV0uDT0JKIZG6EZ4qKKWggqDFe8cFBtE1OCnQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515ea49-22781c72779d140e4acf41d7;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: NLfz1MS3tX8fdqFeeGV0uDT0JKIZG6EZ4qKKWggqDFe8cFBtE1OCnQ==

GET
H2 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame 43DE 25 KB
26 KB 112ms
72ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e7d6db02d371f6199fcd30f7d43ae8625d25137986906c8e44c522ba999f60d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917110
x-amzn-requestid: 15344764-72eb-463c-801a-3a616babc422
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="jVamevmjb7ceYAupxG1QyZoJ81uLSUhTH7EwIruDM4_2KRI-Y_y3UQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-620e9b68106e8d0710b4c3d3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jVamevmjb7ceYAupxG1QyZoJ81uLSUhTH7EwIruDM4_2KRI-Y_y3UQ==

GET
H2 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame 43DE 14 KB
14 KB 99ms
59ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917100
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="kqdeZfz1moO7d3AkB5y2GtvIgEXog7V4gEVWMz1sy8eASiBGwYKQsQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kqdeZfz1moO7d3AkB5y2GtvIgEXog7V4gEVWMz1sy8eASiBGwYKQsQ==

GET
H2 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame 43DE 3 KB
3 KB 108ms
68ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917110
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="xYck7Kc_6bu9Q-Y_og4QVtp7W-M1siEW4-mlEUYeVK5CGiPM4NQwog==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xYck7Kc_6bu9Q-Y_og4QVtp7W-M1siEW4-mlEUYeVK5CGiPM4NQwog==

GET
H2 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame 43DE 36 KB
36 KB 82ms
42ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="wuZg1t3aXb22pYrqCIv23vwCvL7vBzrmOztF0CgZ3hSvlrpI4WCrQw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wuZg1t3aXb22pYrqCIv23vwCvL7vBzrmOztF0CgZ3hSvlrpI4WCrQw==

GET
H2 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame 43DE 37 KB
38 KB 103ms
63ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="5vU5mZ9_vuhS0_pjyOhj_yWMLK6U9MyHwCtxSqQgTAA4Ef1H5URhaQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5vU5mZ9_vuhS0_pjyOhj_yWMLK6U9MyHwCtxSqQgTAA4Ef1H5URhaQ==

GET
H2 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame 43DE 69 KB
70 KB 122ms
82ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="fXQpJlb8MyYZF2jIgLHLmmypXoLTZ-Q_R0b-9gfxWI6M3rDxLu39tg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fXQpJlb8MyYZF2jIgLHLmmypXoLTZ-Q_R0b-9gfxWI6M3rDxLu39tg==

GET
H2 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame 43DE 45 KB
45 KB 117ms
77ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="qUct5kVo3RK_LuXwaDXmfid3fqwTHm24k_aQxGB16hBJnFytrNcZpg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qUct5kVo3RK_LuXwaDXmfid3fqwTHm24k_aQxGB16hBJnFytrNcZpg==

GET
H2 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame 43DE 24 KB
25 KB 65ms
25ms Image
image/webp 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="gq7iOrdcGlEJDbAFAk1YLW5nJGnhVVYt9yFV-OV_zEafkxZ-az0gdw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gq7iOrdcGlEJDbAFAk1YLW5nJGnhVVYt9yFV-OV_zEafkxZ-az0gdw==

GET
H2 206 ysCNtc4urbg6XoahxtFjQ5iM.mp4
framerusercontent.com/assets/ Frame 43DE 238 KB
0 123ms
87ms Media
video/mp4 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/ysCNtc4urbg6XoahxtFjQ5iM.mp4

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www2.biltrewards.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 21 Feb 2024 19:18:05 GMT
x-amz-version-id: ZGpzvVL52zWME_U_sZUF.yLajT1DjUei
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2881696
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
Content-Range: bytes 0-7171940/7171941
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="llIWIqEGlOKCCIGeEUsT-sLKs1n1_PZZSw37O6Kx2CI__2gqg0epqA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
Content-Length: 7171941
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 19:00:48 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "007bb0d7a6f76537bc66283ea97c56f3"
x-frame-options: deny
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: llIWIqEGlOKCCIGeEUsT-sLKs1n1_PZZSw37O6Kx2CI__2gqg0epqA==

GET
DATA 200
OK truncated
/ Frame 43DE 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6162a259efcc903ece88a8301a46b44e3a77c220b3752c01eb02caa0af358870

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab32bc58349446cd3c8761af45640b13ed01073a6553e5779a9b03852d591ca4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea9ed2f612e41fcd700060fad5eff94165c56fb549e6334173177b4a540a5a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5b3b178dc8df3767511096744a36ee3edcee7ed62be5f8504244e6b70cf7398

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 406 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 990fba98068c77b0616f1d04a1df3ae1e0b6a0fe19809beb34864ab99044ba78

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 LqDnnljXEwgpUOKntxS1EWW6Rg.woff2
framerusercontent.com/assets/ Frame 43DE 62 KB
63 KB 72ms
70ms Font
application/octet-stream 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/LqDnnljXEwgpUOKntxS1EWW6Rg.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b758c20d70f6b20fa85f31c23b9dea1ad5551a1cfd9ed56485c63cc592b2a15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 11 Dec 2023 19:43:08 GMT
x-amz-version-id: 2K1KJcp0J5ZC8eipZGka2Zx75YaYhk90
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9100992
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="mHdRfHLMXsCASuolRI3z-Cwas-5DJph3V0Mi6782hrijgznxd_ipMw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
content-length: 63328
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:11 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "c2d37cba33fee33551bad2907242eab9"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mHdRfHLMXsCASuolRI3z-Cwas-5DJph3V0Mi6782hrijgznxd_ipMw==

GET
H2 200 ZOQnZ28bo7qibfKtLjS7lnsO4.woff2
framerusercontent.com/assets/ Frame 43DE 57 KB
58 KB 75ms
74ms Font
application/octet-stream 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/ZOQnZ28bo7qibfKtLjS7lnsO4.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ae3cd625206f3b22398ce3e5ffcc22c2a6ff95a535e7c4addbfb7e7e2d146ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 12:32:12 GMT
x-amz-version-id: 58zLG6LNXAxyMvZ2wp4N8Rd8SkrRCmYI
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8781249
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="9ZO-gqfLvN1iuUtCeB9mh2pnTb_Ebm_8fZ0o1IVvCMx98U1GdTJ1jA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 58660
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 May 2023 14:23:43 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "a6198b4fe9868e890209905eb4f8e472"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9ZO-gqfLvN1iuUtCeB9mh2pnTb_Ebm_8fZ0o1IVvCMx98U1GdTJ1jA==

GET
H2 200 KeYwHD87n281ye36wsD3E9JRnpY.woff
framerusercontent.com/assets/ Frame 43DE 68 KB
69 KB 79ms
77ms Font
application/font-woff 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/KeYwHD87n281ye36wsD3E9JRnpY.woff

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b68d680fe22c79281c483a6cff939bfb690bd8154752a75e1c0466e0826ff4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 10:56:37 GMT
x-amz-version-id: cMDlGYG3jq6HnaMYM9ezFgw6qU4U2RKj
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2652584
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="SVU5um2SwKESysdTqfo-mrYxuTvRbgwR-6KS7bV9SnVwoweiKA1AwQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 69324
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:10 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "f7baabaa8ed057664ec3a3eb27e75202"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SVU5um2SwKESysdTqfo-mrYxuTvRbgwR-6KS7bV9SnVwoweiKA1AwQ==

GET
H2 200 9vZ4CFUb3rKQR5PiFoCAG4XK9ds.woff2
framerusercontent.com/assets/ Frame 43DE 56 KB
57 KB 84ms
83ms Font
application/octet-stream 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/9vZ4CFUb3rKQR5PiFoCAG4XK9ds.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ff65c7581b6b14184d2d6ab9ebe9416b06fcbb86c3a7a32ca30b3bc7871256a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 12:32:13 GMT
x-amz-version-id: aEYwQgpWhbQ7IJEr3IcgegQjJqr4Pvri
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8781248
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="WV2Gdh-e-IRhwLr7mhbmXdAersc3Ds7qTLYICchPgLTwlF6kN0qfag==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 56856
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jun 2023 17:17:03 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "6181542bb783e07afdce0af1753dc23a"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WV2Gdh-e-IRhwLr7mhbmXdAersc3Ds7qTLYICchPgLTwlF6kN0qfag==

GET
H2 200 8qn5SJXAslrGaAAxdWjJDc6gng.woff2
framerusercontent.com/assets/ Frame 43DE 47 KB
48 KB 80ms
79ms Font
application/octet-stream 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/8qn5SJXAslrGaAAxdWjJDc6gng.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b02546b57554da630a4827a7755b1f72d22374513f811dc0590ebe942758cbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 12:32:13 GMT
x-amz-version-id: Uo2HPioSZt72O.VWi6F9mEBTdQw0j0ck
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8781248
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="AYww7lYOa6FE-ooIIw5eGF1IbQbL1vCg-QruO7YIpUrr3g9fOpwjOg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 48256
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:11 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "425ac390cb52f1e99c8b61faa7e6a235"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: AYww7lYOa6FE-ooIIw5eGF1IbQbL1vCg-QruO7YIpUrr3g9fOpwjOg==

GET
H2 200 0iJMoAt43UHHN4iZwJ9BRySDSfM.woff2
framerusercontent.com/assets/ Frame 43DE 57 KB
58 KB 81ms
81ms Font
application/octet-stream 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/0iJMoAt43UHHN4iZwJ9BRySDSfM.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 12:32:12 GMT
x-amz-version-id: AT_2BH0O2V6cPJxPyzU1of5S3JbluJW3
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8781249
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="OPfyw95XPfDLjP16EQIXmH1b0WogObqaNwrAfn538lvrK7otdcg72g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
content-length: 58164
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 21:13:09 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "3a1c34d491e0f22ddcce5ef4225fc4e4"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OPfyw95XPfDLjP16EQIXmH1b0WogObqaNwrAfn538lvrK7otdcg72g==

GET
H2 200 ZIA17DG79ouXlfoQjamRRhk3cc4.woff2
framerusercontent.com/assets/ Frame 43DE 56 KB
57 KB 86ms
85ms Font
application/octet-stream 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/ZIA17DG79ouXlfoQjamRRhk3cc4.woff2

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 08 Oct 2023 21:54:56 GMT
x-amz-version-id: 2bAIUvN.lJv0IRflfgk7e39O0NwsKLB9
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 14622685
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="bD-dvGszSa91AvGqdTYTCVPwto3p8zMu6b7q2l8t0odVnbM0yccI8Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 57076
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jun 2023 17:17:03 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "ee4103e3d2fcb9bd36adc839b2456f83"
x-frame-options: deny
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bD-dvGszSa91AvGqdTYTCVPwto3p8zMu6b7q2l8t0odVnbM0yccI8Q==

GET
H3 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame 43DE 25 KB
26 KB 39ms
30ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="6RH3K5e_wnxThXBDU1RPkO1nx61Af7rlLz1Skn2LstAzCONgxR4NOg==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6RH3K5e_wnxThXBDU1RPkO1nx61Af7rlLz1Skn2LstAzCONgxR4NOg==

GET
H3 200 wkMxGLA0wVGsaSgWt2doW86Zic.png
framerusercontent.com/images/ Frame 43DE 31 KB
32 KB 40ms
30ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wkMxGLA0wVGsaSgWt2doW86Zic.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: ba6827ad-aabc-411e-9dc2-dfa723dd0780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="qN-sY4kZocK6izUYAFQOrYLQ8gADp4unJ88cVry3GbzQ2iS7VVQU8w==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-644b15642b1ea7fc78e9b405;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qN-sY4kZocK6izUYAFQOrYLQ8gADp4unJ88cVry3GbzQ2iS7VVQU8w==

GET
H3 200 UPxnowvsa2Fbt3lp5oDDFXRjROc.png
framerusercontent.com/images/ Frame 43DE 32 KB
32 KB 41ms
31ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/UPxnowvsa2Fbt3lp5oDDFXRjROc.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9441135
x-amzn-requestid: e03300e0-9cad-43fc-8ab6-de726d6b5f30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="1sL6UhayowPEWSqfAXUCNrEhWkym_RWzSJpV9Ni79JIZVXqXvgPaYw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-765ffb934b7dbe1f748e348d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1sL6UhayowPEWSqfAXUCNrEhWkym_RWzSJpV9Ni79JIZVXqXvgPaYw==

GET
H3 200 2Zx97veGwo826dqlIbR2hMKiY.png
framerusercontent.com/images/ Frame 43DE 85 KB
86 KB 39ms
30ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2Zx97veGwo826dqlIbR2hMKiY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Dec 2023 23:57:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9604122
x-amzn-requestid: c6578a5d-2b8c-483a-ac9d-b78066b234a7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="bm4CALulDC9G1zOYvHJhW6cBSEP6ASkLwWo2pKGUL7Mqc7QX27JZOw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-656fb8f2-1a3284985a17b98d6b56e9b6;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: bm4CALulDC9G1zOYvHJhW6cBSEP6ASkLwWo2pKGUL7Mqc7QX27JZOw==

GET
H3 200 i6iRuC8inkOu49dyb2cMx7KLX9o.png
framerusercontent.com/images/ Frame 43DE 32 KB
32 KB 42ms
33ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/i6iRuC8inkOu49dyb2cMx7KLX9o.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9441136
x-amzn-requestid: d1276dde-ce3c-43b3-bdf2-19fb56353b67
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="547IRcYFwjPrhtGLnoKTbTOOs89ODsSUZYvC41kETVdm0eSrcOalMQ==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-6d94249e4d78cc9c47e01d91;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 547IRcYFwjPrhtGLnoKTbTOOs89ODsSUZYvC41kETVdm0eSrcOalMQ==

GET
H3 200 4Um58dLygSHRrlUbzVAaCiPfHeE.png
framerusercontent.com/images/ Frame 43DE 61 KB
62 KB 35ms
26ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Um58dLygSHRrlUbzVAaCiPfHeE.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 02:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8816319
x-amzn-requestid: 76e437ee-349e-4296-8605-83da030eb99b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="ySFuMh0aj8o8w4pDc7yDj9xzhRNMHGAu6Z8N7qqMTovq7az-CJLPcQ==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657bbe4d-6fba888c030366654cd8e9e2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ySFuMh0aj8o8w4pDc7yDj9xzhRNMHGAu6Z8N7qqMTovq7az-CJLPcQ==

GET
H3 200 OwD5vj1mJJkrw8fQ4TLBsZu7VY.png
framerusercontent.com/images/ Frame 43DE 67 KB
68 KB 42ms
33ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OwD5vj1mJJkrw8fQ4TLBsZu7VY.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917098
x-amzn-requestid: 78b339dd-e4b5-456c-bb1c-74370a5115ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="rXasuoPb03j3ksOJPjcX8zBY4rvFpJOLhtCDBt3e0dUBVfWTt1yqPQ==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-47094d6076a345a112379c31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: rXasuoPb03j3ksOJPjcX8zBY4rvFpJOLhtCDBt3e0dUBVfWTt1yqPQ==

GET
H3 200 6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ Frame 43DE 214 B
809 B 38ms
29ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jul 2023 10:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 22527920
x-amzn-requestid: cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="XuZ8sQ_EgYNBOe9mXYhCxhVyYyC4FT_jtO_tJdVoOQ_vGlyPolibOg==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: XuZ8sQ_EgYNBOe9mXYhCxhVyYyC4FT_jtO_tJdVoOQ_vGlyPolibOg==

GET
H3 200 11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ Frame 43DE 215 B
807 B 37ms
28ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 12:09:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9992205
x-amzn-requestid: f927c207-5d43-4a31-84ec-0d06d0c63c6a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="6FACMS9sSNsUUemy0tjVScdecHimBJZZKxLjrCnnCDVmLtL60coY0A==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6569ccff-42414f1e2713071463b83623;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6FACMS9sSNsUUemy0tjVScdecHimBJZZKxLjrCnnCDVmLtL60coY0A==

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1711424780219&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Oj...

0
0

GET
H3 200 xCQC3Wupbo8m3lPpUkDhzX5YD4.png
framerusercontent.com/images/ Frame 43DE 61 KB
61 KB 29ms
28ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/xCQC3Wupbo8m3lPpUkDhzX5YD4.png?scale-down-to=1024

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 08:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11302802
x-amzn-requestid: 9b6a1016-27a4-4c1c-bf6c-4dd5244f6e72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="HDahkLz92Sz3NPmjl2w27Ir_Sa7M58363ZX10QQ51FGZBO050Ptw0w==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6555cd7a-72716d0321980bee33a7f28e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HDahkLz92Sz3NPmjl2w27Ir_Sa7M58363ZX10QQ51FGZBO050Ptw0w==

GET
H3 200 7dgusnBALjfsS0yucyysUvo9a8o.jpg
framerusercontent.com/images/ Frame 43DE 97 KB
97 KB 30ms
30ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7dgusnBALjfsS0yucyysUvo9a8o.jpg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2799023
x-amzn-requestid: f79f9e01-484c-4a08-bdbc-c2fddeffb140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="CgtwSZBJqQ5cA8N2lQidgooAH2WIcbVo6_z34LvR1Owcq5_Sc-CKAQ==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65d78f5d-62e6045614e49c90304ec543;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: CgtwSZBJqQ5cA8N2lQidgooAH2WIcbVo6_z34LvR1Owcq5_Sc-CKAQ==

GET
H3 200 NI61TIlpX6TJbklIpHSie2tEpGE.png
framerusercontent.com/images/ Frame 43DE 65 KB
66 KB 31ms
31ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NI61TIlpX6TJbklIpHSie2tEpGE.png?scale-down-to=512

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 Nov 2023 10:28:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10343867
x-amzn-requestid: 413005f5-e144-4729-aaee-163700256cfb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="H_OjrK9k1inKB1XK8ffYTfV2Be0o9RM0-Ds7ksKDpLDB2ZBg4VSv5Q==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65646f51-5dc48f8225829ec367f04792;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: H_OjrK9k1inKB1XK8ffYTfV2Be0o9RM0-Ds7ksKDpLDB2ZBg4VSv5Q==

GET
H3 200 XjelGy0AgZXWBtmYgQFM6So2cZU.png
framerusercontent.com/images/ Frame 43DE 25 KB
26 KB 32ms
32ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XjelGy0AgZXWBtmYgQFM6So2cZU.png

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 17:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 15500906
x-amzn-requestid: c346a2e6-eb2d-43fb-9561-2d4dd1b33b36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="BSJxVl0hgwTF6Msk0YX7k_KcAiC-rwNG8cWudBxB3ai9SJT0wZeM0Q==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515bea2-249c5b1462b996922d6bdf1c;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BSJxVl0hgwTF6Msk0YX7k_KcAiC-rwNG8cWudBxB3ai9SJT0wZeM0Q==

GET
H3 200 ENcVpm4LA7y23rHPsliWCOd8K5M.svg
framerusercontent.com/images/ Frame 43DE 37 KB
38 KB 32ms
32ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ENcVpm4LA7y23rHPsliWCOd8K5M.svg

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

fec8ecde0a3753bfd77b25f5aeffaaf8ef41f0744d77e2f32d5e46eab1a04a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 01:55:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10029069
x-amzn-requestid: 602448b7-7767-43ed-9698-66fdc76eb854
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="MkZZ21SbNo82OtKRjuetN1R_Srf29vvARi15eh5hNqXupcbrckIH_Q==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65693cff-38eeff556792153857a1b87e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MkZZ21SbNo82OtKRjuetN1R_Srf29vvARi15eh5hNqXupcbrckIH_Q==

GET
H3 200 cm.css
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ 15 KB
4 KB 205ms
204ms Stylesheet
text/css 172.66.43.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/ui.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fe8d60c96300f39cef881c83445907bb7a1d0f00b71ffaf38916bc08f99585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"58539a2b908f4e73e04d4f950b1b35a3"
expect-ct: max-age=86400, enforce
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
cf-ray: 86a4272cb8db39ce-FRA

GET
DATA 200
OK truncated
/ Frame 43DE 729 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da70c773cd3a8d489bad7c03fb89b63053843aa52c0545749df089a08e64f78f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2086fef391221a13d759836370ef5bae70c15e1389eb6504dc3a31c987e0a88

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db9c28d70f03728ad94c11d34cea446ed992aaa6167344d3eb362379f7fdaaf0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 777 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff54e9b2209db7e90df95ee8523a1176d4c14d06b413cc817dfbbda6d64a03e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a61375e44fd14535935364ba62f844371eb9fb77ad0e4437720086719fa0da7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc4e37d9baf9b5931e355841de300fdb470ce47b75695eb0bca2ba6766dc54cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 319 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d9df2764c7d56ded13faf14e7235e19ae3232be0f54e8ddd60ed76e6339f3af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52ea1136d79c3a7ebe4f345fdec565e4bac855aeb6ae4dafb54b7b7f29edb881

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 743 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e12cb695307b2703bce81c01aaeaf24cf0aa0602c8307458ea4f117719fb6ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 188768601044fa9d36f7e8318b53e650a64fb03b28c2b04eb8b99facdadce63e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa7e514331c85e2bff2ab629fc901146eaec70a8fbfd84ee6dc9242dbb9d0030

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 645 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8dee9ad499fb9b623de94c004b284d5529c842c2822340d4ad2f2f8f44968c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58888f87f259719b4e4c83c062290f5828decd4b761e775b122fa0dd47783441

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba48794b55ef4e4a86b321ac15c7e29fe0b820b9c6cf851cc8a3f203e73deea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d73a6fb16be01ec82a5742ccc4f5f771276aa0b1f6f793d96296642ddf15233e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2118dd199c07f6a33a106ffd904bf6286602d097d82f26f73035a8dece4adbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 43DE 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6d07ea42c45d0cc8a159fdd03d06ea4428767f9d578347a75c2c79bec3293ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 PeV1BiYkQUoBq9a4xHPOFZaIKs.ttf
framerusercontent.com/assets/ Frame 43DE 104 KB
51 KB 138ms
137ms Font
font/ttf 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/PeV1BiYkQUoBq9a4xHPOFZaIKs.ttf

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9e16d83a2c1724e2cbfd819c46e35e26b7911de8678342fc0d6a00e277764306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Jan 2024 17:35:23 GMT
x-amz-version-id: 5f2Sq55So33T0tE.Hwj7OuO8DG9qy3Y0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: aws:kms
age: 5739058
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="eQPFXzHQ30CBdl7VhQNaoFhxU3PxvghH6auxBEIo3GgOGN_otlpZgQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Jun 2022 10:23:00 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: W/"879f8eb6c242e8075b76da15b99b3008"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/ttf
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
timing-allow-origin: *
x-amz-cf-id: eQPFXzHQ30CBdl7VhQNaoFhxU3PxvghH6auxBEIo3GgOGN_otlpZgQ==

GET
H2 200 default_script0.DLSUSCOB.mjs Show response
framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/ Frame 43DE 2 KB
2 KB 115ms
115ms Script
text/javascript 2600:9000:2490:8200:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/default_script0.DLSUSCOB.mjs

Requested by

Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

adf88ed82bd50c4a79b68503bc223b7dec53ac990a45aa2ca91b798618c05f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 26 Feb 2024 16:21:22 GMT
x-amz-version-id: KUAFYmeP4U7FdFKnHKGcaNdgBdhLNi4L
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
age: 2460299
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="s37afZUQNt4JXPlp6VljNQHh-GWWoSUr-FKoHGsQRF0qoBZosL9fwg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 16:18:27 GMT
server: CloudFront
etag: W/"11da2918ebf5d2cd4d7b384ec56a74c4"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: s37afZUQNt4JXPlp6VljNQHh-GWWoSUr-FKoHGsQRF0qoBZosL9fwg==

GET
H2 200 widget.js Show response
cdn.userway.org/ Frame 43DE 2 KB
2 KB 113ms
113ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b2e3f16ae511e86bb8f35bedc5ec535f6db1a240e256ea032e0d295ec9231d06

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 20bac96d0c0df74d5e600294d22661e6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 786
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 2453
x-accel-date: 1711422327
x-77-nzt: EgwBw7WvDgH3lQkAAAwBnJIhHwH3egEAAA
x-accel-expires: @1711425927
x-77-age: 2831
last-modified: Fri, 22 Mar 2024 12:49:42 GMT
server: CDN77-Turbo
etag: W/"129ee7922b92960062be5efeed043099"
x-77-nzt-ray: 90833930d6aa55a10c4502665fe0aa1a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: nQSOmO1Rzby-2MjUug1YpkVh8wtmFTTqY8iOkTJd-RFQ04eCrjerVw==

GET
H3 200 en.json Show response
transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/ 8 KB
2 KB 58ms
58ms Fetch
application/json 172.66.43.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/translations/en.json

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f451ccd1b82076cdf339b4c512eb3363a898c580776fe8e2a4242ffea352b4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 42233
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"deeec53da2118f7d45f432e74ecef857"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 86a4272dcc9e18d3-FRA
expires: Tue, 26 Mar 2024 03:47:20 GMT

GET
H2 200 identify_05ea2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 27ms
27ms Script
application/javascript 173.222.108.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_05ea2.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.222.108.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-108-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2abfe3fc
date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240320221321C148C5C0C5E3EA449754
x-tt-trace-id: 00-240320221321C148C5C0C5E3EA449754-2105C8913C3768CF-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a173-222-108-36.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0165ab0d4131a12dae4f1bb6c4538bb089a0328650ddc734a3e5e70dbec7251bafd76c52e195a03368e8934eef23f80e979d8f49686301bc7b7685ad409d8f1f9cdb9375c37a72ebfea4bb5b38c96bc998d39d0eca004a0c85324d717ed7ec48b1
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 37039

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
704 B 161ms
161ms Ping
text/plain 173.222.108.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.222.108.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-108-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2abfe423
date: Tue, 26 Mar 2024 03:46:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403260346207528CAECD245B06EC07A-652ABB06855D4788-00
x-cache: TCP_MISS from a173-222-108-36.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=5, origin; dur=130
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403260346207528CAECD245B06EC07A
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 131,173.222.108.36
x-tt-trace-host: 015c91947f38d3c27845e9b099943b1b0d352f93d1b70f1c59c809968c791e622206dd0aad7dd83a9a3f914689f6c8bf614a41d5a850f85dae6c8febf963d0ebe438a1b27b9e916e0a10abaab25d5cb35e08d5c107d8a48914779134c7f51d3565
access-control-allow-headers: Authorization,*
expires: Tue, 26 Mar 2024 03:46:20 GMT

GET
H2 200 card Show response
www.biltrewards.com/ 2 B
264 B 31ms
31ms Fetch
application/json 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/card?_rsc=acgkz

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
Next-Router-Prefetch: 1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Next-Url: /
Referer: https://www.biltrewards.com/
RSC: 1
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
date: Tue, 26 Mar 2024 03:46:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 26564
content-disposition: inline; filename="card.rsc"
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::cr2dm-1711424780510-94a92b49b7b9
x-matched-path: /card.rsc
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-vercel-cache: HIT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 widget_app_base_1711111645169.js Show response
cdn.userway.org/widgetapp/2024-03-22-12-47-25/ Frame 43DE 151 KB
43 KB 23ms
22ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/widget_app_base_1711111645169.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b3c03f17029f497fe1bf6a3444a93bd564779b9258ca4afa85f652f74b2b2c7d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
Origin: https://www2.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 591
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311760
x-accel-date: 1711113020
x-77-nzt: EgwBw7WvDgH30MEEAAwBJRPCNAH3PAIAAA
x-accel-expires: @1737032448
x-77-age: 312332
last-modified: Fri, 22 Mar 2024 12:49:36 GMT
server: CDN77-Turbo
etag: W/"1c26724162adaea31f96227c8aca0d74"
x-77-nzt-ray: 908339303bac00a20c450266eb200122
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: 9i__PuUSnnI2ggr0FTH65S9BZ5-qJWnTh3xLlIzspoTPXLCiITg8qg==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 155ms
155ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450c-6587c43c0effa88e1eca51b6;Parent=35c0abc28072b6ee;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: 5fbd4e3a-258a-47a4-9575-1db3c4dd55cd
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6CGjtoAMEjSg=
content-length: 0
x-amz-cf-id: MnwUJweh4Xir6hrnuJdiJn4NODx13JHZJ0Ui3enhGECPB2D64LQhCg==

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 158ms
115ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6BEmpIAMEHcA=
x-amz-cf-id: usriDwBOGVWLQA6-FV5WbUg21kdxUEVYlFZODDEiJUsYnFSy83FUFQ==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 8ab1747f-40bb-4f8f-adfa-3ed0f1fd6f01
x-cache: Miss from cloudfront

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/ 3 KB
2 KB 65ms
21ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/settings
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a0f26587ad58ce7c24e5bfc71c13653e49cd8525604a3faa6595d7fd20c40ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ti6Woz3UqW6BeVM3zOKB2OiKyqvpZHxT
content-encoding: gzip
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
date: Tue, 26 Mar 2024 01:20:57 GMT
x-amz-cf-pop: FRA6-C1
age: 8724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Jan 2024 22:37:09 GMT
server: AmazonS3
etag: W/"8c889fcfc5c51a45addbd4ef957d1e72"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: -hEXxF1fL_7QKkEUlJVhZmyWJgkalhmFZIkdkjVxRQNjruBT8fmsOA==

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
313 B 111ms
110ms XHR
text/plain 3.65.91.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=CLz8BddIbHunRwx9J6JGIQ&is_js=true&landing_url=https%3A%2F%2Fwww.biltrewards.com%2F&t=Bilt%20Rewards&tip=-9M7z5QKCq-m055efBk55L7c4y7bB8EKC6sgbRBr0R8&host=https%3A%2F%2Fwww.biltrewards.com&sa_conv_data_css_value=%270-985debac-62fa-50f9-43c5-4ab0df538288%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9985debac62fa50f943c54ab0df538288d972da15&sa-user-id-v3=s%253AAQAKIEk5PelArlFu-eO_xYNe-_o2IH1nxzUUwyAoZqAVxLaFEHwYBCCMiomwBjABOgT7-sM6QgRp8Tvz.w4Dce8bbO6XOk0GVq83k27gVIubOTv%252B1Gmm2PQ%252Fr3jc&sa-user-id-v2=s%253AmF3rrGL6UPlDxUqw31OCiNly2hU.yQ6XRCEURkXx0yPhzZAL03s6iIeitZnF9Q%252FacRrgxUw&sa-user-id=s%253A0-985debac-62fa-50f9-43c5-4ab0df538288.eXRvWjz%252Ftu8%252BuE3x6GPyFNrhHKZuYu%252FmGf5wuaO3qQ8
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.65.91.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-91-158.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d5781b6843de18ff323984b25323f02a17ccbd6d984ea170e8f0f290272031bb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Tue, 26 Mar 2024 03:46:20 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 116
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

POST
H2 200 TlbN1PqpZB Show response
api.userway.org/api/tunings/ Frame 43DE 63 B
446 B 188ms
188ms XHR
application/json 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/TlbN1PqpZB
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/widget_app_base_1711111645169.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0ca8160a692d2ede5ba928e6b91500ca2e3b41bce9f4da9ac974b7df22f03cfb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
etag: W/"3f-PV0A++2rqOc4r1el3VJc1nugD2g"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr57fb3173bf4c4e5
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 63
x-service-version: uw-pr

GET
H3 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame 43DE 176 KB
176 KB 24ms
24ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 7504170
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="pRWz8sPurNUMMmtmHL7yEF9_1TBTAL0sIzcHiHNTzjJD5ztYGUOfVw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: pRWz8sPurNUMMmtmHL7yEF9_1TBTAL0sIzcHiHNTzjJD5ztYGUOfVw==

GET
H3 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame 43DE 74 KB
75 KB 23ms
23ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 7454670
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="EgtEBTMxGcVXB35AhgajhR6c29apxBoW3EMVALgi2cNqXpJiSIKEMg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: EgtEBTMxGcVXB35AhgajhR6c29apxBoW3EMVALgi2cNqXpJiSIKEMg==

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 20ms
19ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 11343473
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 27RvyB7OgLLooUL95Bx6lgJZfNmdUAZ_WmBxklDAeOopl5n3bx-6lg==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
702 B 155ms
154ms Ping
text/plain 173.222.108.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.222.108.40 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-108-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2abfe506
date: Tue, 26 Mar 2024 03:46:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24032603462048F9E8D63B4214F5030F-7EDCAE37577EC7C0-00
x-cache: TCP_MISS from a173-222-108-36.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
server-timing: inner; dur=22, cdn-cache; desc=MISS, edge; dur=5, origin; dur=120
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024032603462048F9E8D63B4214F5030F
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 120,173.222.108.36
x-tt-trace-host: 015c91947f38d3c27845e9b099943b1b0d352f93d1b70f1c59c809968c791e622218c4a0a19e0d8e24228e2e50a33bf17446c1d4dd1e1bde35ececdbfc3adaeeaf4ef1340cc0eceb59f7f1d0e2ba250062cfd40a2e04ab45d55be7054f2c133d13
access-control-allow-headers: Authorization,*
expires: Tue, 26 Mar 2024 03:46:20 GMT

GET
H3 200 Bxu6GY24oplllZd0X0beaOpeu1Y.png
framerusercontent.com/images/ Frame 43DE 33 KB
34 KB 22ms
21ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Bxu6GY24oplllZd0X0beaOpeu1Y.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 21:04:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 15489731
x-amzn-requestid: 47a703ad-c5a4-4663-a7ca-41b0215b5529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="xGaFtDs5cuEHHrkLK4nuKDGXfoH1vSbofLVM0oa4aaERl3pvWZPb_w==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515ea49-22781c72779d140e4acf41d7;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xGaFtDs5cuEHHrkLK4nuKDGXfoH1vSbofLVM0oa4aaERl3pvWZPb_w==

GET
H3 206 ysCNtc4urbg6XoahxtFjQ5iM.mp4
framerusercontent.com/assets/ Frame 43DE 51 KB
0 24ms
23ms Media
video/mp4 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/ysCNtc4urbg6XoahxtFjQ5iM.mp4

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www2.biltrewards.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 21 Feb 2024 19:18:05 GMT
x-amz-version-id: ZGpzvVL52zWME_U_sZUF.yLajT1DjUei
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2881696
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
Content-Range: bytes 0-7171940/7171941
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="8cXtXKbmET4lHjz1Q1_I4SxxbwTLMtD3FlIa5fcPehY5Ih55AKdBxg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
Content-Length: 7171941
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Feb 2024 19:00:48 GMT
server: CloudFront
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag: "007bb0d7a6f76537bc66283ea97c56f3"
x-frame-options: deny
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 8cXtXKbmET4lHjz1Q1_I4SxxbwTLMtD3FlIa5fcPehY5Ih55AKdBxg==

GET
H3 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame 43DE 25 KB
25 KB 22ms
22ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

e7d6db02d371f6199fcd30f7d43ae8625d25137986906c8e44c522ba999f60d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917110
x-amzn-requestid: 15344764-72eb-463c-801a-3a616babc422
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="AsGtSeVbotjhcvh_pmIQcWVaxZ-U7wPyig0uLpMDv7Ml4XXaB5vWuA==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-620e9b68106e8d0710b4c3d3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: AsGtSeVbotjhcvh_pmIQcWVaxZ-U7wPyig0uLpMDv7Ml4XXaB5vWuA==

GET
H3 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame 43DE 14 KB
14 KB 24ms
23ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917100
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="_JY0f6K6WPA0pGHc32Kq_b8ICuugIyEgsUp4pfE4TvDQZVN-FCwMfQ==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _JY0f6K6WPA0pGHc32Kq_b8ICuugIyEgsUp4pfE4TvDQZVN-FCwMfQ==

GET
H3 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame 43DE 3 KB
3 KB 24ms
23ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917110
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="qp2sHexNEk4MY5MPZO8WruxBbRCLq2Dh0xwJInV7fVvjIu7yrLUAiQ==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qp2sHexNEk4MY5MPZO8WruxBbRCLq2Dh0xwJInV7fVvjIu7yrLUAiQ==

GET
H3 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame 43DE 36 KB
36 KB 25ms
25ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="mbzFLYXKejBbfbCIfpPIpkRIAQJxw644zDNn7vpK2VmMIMYZMdcvIw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: mbzFLYXKejBbfbCIfpPIpkRIAQJxw644zDNn7vpK2VmMIMYZMdcvIw==

GET
H3 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame 43DE 37 KB
37 KB 25ms
25ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="RZtI2gkxceGsFI1JJvvmt_uTCIaa4jqJRKuB2Srp-wPEDdVQWSfPMQ==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: RZtI2gkxceGsFI1JJvvmt_uTCIaa4jqJRKuB2Srp-wPEDdVQWSfPMQ==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 20ms
20ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Jan 2024 02:55:30 GMT
x-amz-version-id: V60E1KIihu6zH2vDCNSI7M1UDRGAx6m0
content-encoding: br
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5705450
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 20 Jan 2024 01:04:52 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: -dEx1j-3aWf3sMj-ozvqli5f5hcYT_QiSccoFl6sOd6Z_SmxzaYTXw==

GET
H3 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame 43DE 69 KB
70 KB 22ms
22ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="KZ4FQvcW3CZPcbddpitslHvPpX4q2QBhx575U4YYDFHNvZFnhkUzpg==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KZ4FQvcW3CZPcbddpitslHvPpX4q2QBhx575U4YYDFHNvZFnhkUzpg==

GET
H3 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame 43DE 45 KB
45 KB 31ms
31ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="jHeOFiG9Sr-w5rthXdJHVK5TMBS5Q93TMozbUntjlZ2yaAak_ljUCw==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jHeOFiG9Sr-w5rthXdJHVK5TMBS5Q93TMozbUntjlZ2yaAak_ljUCw==

GET
H3 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame 43DE 24 KB
25 KB 29ms
28ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="5voOqTDy3OEjohooRXud8HM7DA57ShU-80j_o5U63QKNAZKIQ6glKQ==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5voOqTDy3OEjohooRXud8HM7DA57ShU-80j_o5U63QKNAZKIQ6glKQ==

GET
H3 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame 43DE 25 KB
26 KB 30ms
30ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DSD3PTVq_qyL5lJkgUPu_TzhdAddUI3vJ1SIy-bqXmYVQkHXft27mQ==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DSD3PTVq_qyL5lJkgUPu_TzhdAddUI3vJ1SIy-bqXmYVQkHXft27mQ==

GET
H3 200 wkMxGLA0wVGsaSgWt2doW86Zic.png
framerusercontent.com/images/ Frame 43DE 31 KB
32 KB 32ms
31ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wkMxGLA0wVGsaSgWt2doW86Zic.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: ba6827ad-aabc-411e-9dc2-dfa723dd0780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="B2gWl0TH-q2rhUJPvKM-6qtt-m1VN7JPsBHajK0fM8_p3jeRBcVOqQ==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-644b15642b1ea7fc78e9b405;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: B2gWl0TH-q2rhUJPvKM-6qtt-m1VN7JPsBHajK0fM8_p3jeRBcVOqQ==

GET
H3 200 UPxnowvsa2Fbt3lp5oDDFXRjROc.png
framerusercontent.com/images/ Frame 43DE 32 KB
32 KB 32ms
32ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/UPxnowvsa2Fbt3lp5oDDFXRjROc.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9441135
x-amzn-requestid: e03300e0-9cad-43fc-8ab6-de726d6b5f30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="WY6gZwjUa4GkQ5MOCfkCMaTLZuN-2Cp2w8VAxia2e5Tx6D66QerJaw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-765ffb934b7dbe1f748e348d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WY6gZwjUa4GkQ5MOCfkCMaTLZuN-2Cp2w8VAxia2e5Tx6D66QerJaw==

GET
H3 200 2Zx97veGwo826dqlIbR2hMKiY.png
framerusercontent.com/images/ Frame 43DE 85 KB
86 KB 32ms
32ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2Zx97veGwo826dqlIbR2hMKiY.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Dec 2023 23:57:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9604122
x-amzn-requestid: c6578a5d-2b8c-483a-ac9d-b78066b234a7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="eOsV8WJxTk1bfeyT52-Q8GWcHqKY0IFf3GSo6grsbsjgh2i5pPfj5w==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-656fb8f2-1a3284985a17b98d6b56e9b6;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eOsV8WJxTk1bfeyT52-Q8GWcHqKY0IFf3GSo6grsbsjgh2i5pPfj5w==

GET
H3 200 i6iRuC8inkOu49dyb2cMx7KLX9o.png
framerusercontent.com/images/ Frame 43DE 32 KB
32 KB 33ms
33ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/i6iRuC8inkOu49dyb2cMx7KLX9o.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9441136
x-amzn-requestid: d1276dde-ce3c-43b3-bdf2-19fb56353b67
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="WTz0Y41NAX4yOWPFyadUyOmVspdYlYeZQ_mlWreZPUDhrgFgD5UY1A==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-6d94249e4d78cc9c47e01d91;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WTz0Y41NAX4yOWPFyadUyOmVspdYlYeZQ_mlWreZPUDhrgFgD5UY1A==

GET
H3 200 4Um58dLygSHRrlUbzVAaCiPfHeE.png
framerusercontent.com/images/ Frame 43DE 61 KB
62 KB 31ms
31ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Um58dLygSHRrlUbzVAaCiPfHeE.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 02:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8816319
x-amzn-requestid: 76e437ee-349e-4296-8605-83da030eb99b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="9IebAeUFSDYc41IjtMmBLxOSxq95BNKL9j8FhkBQ7mQz_KV9nI65IQ==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657bbe4d-6fba888c030366654cd8e9e2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 9IebAeUFSDYc41IjtMmBLxOSxq95BNKL9j8FhkBQ7mQz_KV9nI65IQ==

GET
H3 200 OwD5vj1mJJkrw8fQ4TLBsZu7VY.png
framerusercontent.com/images/ Frame 43DE 67 KB
68 KB 30ms
30ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OwD5vj1mJJkrw8fQ4TLBsZu7VY.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917098
x-amzn-requestid: 78b339dd-e4b5-456c-bb1c-74370a5115ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="qBxFFVTd_GuDTxU5sp2xA4SoQsGYUETggrDiuXT8m-KAhXIQsV5bow==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-47094d6076a345a112379c31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qBxFFVTd_GuDTxU5sp2xA4SoQsGYUETggrDiuXT8m-KAhXIQsV5bow==

GET
H3 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame 43DE 25 KB
25 KB 30ms
25ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

e7d6db02d371f6199fcd30f7d43ae8625d25137986906c8e44c522ba999f60d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917110
x-amzn-requestid: 15344764-72eb-463c-801a-3a616babc422
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="7BFwJTpQs59H_Aez4KTQU3PaBeCI0eRc1snV24CNylSdR2XEaSI_uw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-620e9b68106e8d0710b4c3d3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7BFwJTpQs59H_Aez4KTQU3PaBeCI0eRc1snV24CNylSdR2XEaSI_uw==

GET
H3 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame 43DE 14 KB
14 KB 30ms
26ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917100
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="gBRhiJAbHUdkzmWbTpktjUvUtY83Yr4TA9d4WRR0FJ2EWMMhA3Zxsg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gBRhiJAbHUdkzmWbTpktjUvUtY83Yr4TA9d4WRR0FJ2EWMMhA3Zxsg==

GET
H3 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame 43DE 3 KB
3 KB 30ms
25ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917110
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="mFe-GXArI1Mbb-xXU7884qZdPVljGTejqZQQUm-Fkl0szwVoxdZomA==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: mFe-GXArI1Mbb-xXU7884qZdPVljGTejqZQQUm-Fkl0szwVoxdZomA==

GET
H3 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame 43DE 36 KB
36 KB 33ms
29ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="QHajmKPSFm2feKI3r1qWruewlAPV5ozxKxDcizcqT44nuixJ2TM_6A==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QHajmKPSFm2feKI3r1qWruewlAPV5ozxKxDcizcqT44nuixJ2TM_6A==

GET
H3 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame 43DE 37 KB
37 KB 32ms
30ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="wdWRi3MUUsIi_OCCHrbngc8DRQHeNTNsGe5GCOWn_Ra7DrYUi8YrrQ==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wdWRi3MUUsIi_OCCHrbngc8DRQHeNTNsGe5GCOWn_Ra7DrYUi8YrrQ==

GET
H2 200 fullstory.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/ 5 KB
3 KB 22ms
18ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/fullstory/3.1.0/fullstory.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de8f2ac57087767409b0bb4025e88c1ebb0fd18e0e73144e4ac15997f3350821

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 01 Feb 2024 00:04:20 GMT
content-encoding: gzip
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id: sZ4uaVuryvCnkNR7kX2ChFxfvv_9ZYSp
x-amz-cf-pop: FRA6-C1
age: 4678921
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2166
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "e99e99fffc341f6a85e129a73956e837"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: YrSvdK8Pk7wbzJYGQ13v73e0J6skDQnGT0iRwLRMNLPXz7Qt8V_nmQ==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 22ms
19ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 06 Mar 2024 01:14:37 GMT
content-encoding: gzip
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id: S8v5d5P0qfDBSEoPSWLZchRWN2umr8zx
x-amz-cf-pop: FRA6-C1
age: 1737104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3273
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "4b03a476015c2ba9b9e74e895b97c12c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: PYV62-WepW3O0hi352ptp3ZC69DfFP8EvfG-0aWFPhxmrDKenYxpkQ==

GET
H2 200 adwords.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/adwords/2.5.3/ 4 KB
2 KB 23ms
20ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/adwords/2.5.3/adwords.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 31 Jan 2024 23:59:28 GMT
content-encoding: gzip
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id: .PFTD1mf4T6.cqCzCGDBaoXaZe77x4YA
x-amz-cf-pop: FRA6-C1
age: 4679213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1356
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "257fe81df53dcd4819bc1a81e78fce58"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: X9RAP7qSN0kxQq8YZDXfeY9loSkvMKTs8OlM5ZS0wR6fQZf30sBzNw==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 24ms
21ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 31 Jan 2024 09:56:24 GMT
content-encoding: gzip
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id: iBgkeROQ82ipYgPNwFnoDehQ.U3dPJg.
x-amz-cf-pop: FRA6-C1
age: 4729797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: x2NgJNBrQRjQNO918gSLYxv8G06qgnwKISfRPNqAh7ZBD7VxnhYQjw==

GET
H3 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame 43DE 69 KB
70 KB 33ms
32ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="p2lB6qXLxxU66mDyhm1qm7QQYw9blhpz-dOEEdq9S_6_dGoB8BTXyQ==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: p2lB6qXLxxU66mDyhm1qm7QQYw9blhpz-dOEEdq9S_6_dGoB8BTXyQ==

GET
H3 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame 43DE 45 KB
45 KB 35ms
33ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="P0MIiQlPhobBc08yMQODOrOgy7gvBVy-F1u5uTNvLEo-h7Qic--SWA==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: P0MIiQlPhobBc08yMQODOrOgy7gvBVy-F1u5uTNvLEo-h7Qic--SWA==

GET
H3 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame 43DE 24 KB
25 KB 58ms
56ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="qH0tEIt3ypITTkKVcPLJUNuPhtfsYsORnmHzYeFLdHjhKAtV0WLEqg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qH0tEIt3ypITTkKVcPLJUNuPhtfsYsORnmHzYeFLdHjhKAtV0WLEqg==

GET
H3 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame 43DE 25 KB
26 KB 57ms
55ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="QUhe3GJ4mr9cMqPGMELiarCo46iTfvwNExpuEaRcNN1KuU-hv6TImQ==",cdn-downstream-fbl;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QUhe3GJ4mr9cMqPGMELiarCo46iTfvwNExpuEaRcNN1KuU-hv6TImQ==

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1711424780219&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=ht...

0
0

GET
H3 200 6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ Frame 43DE 214 B
807 B 26ms
20ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jul 2023 10:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 22527920
x-amzn-requestid: cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="RFROBosUDTlphmpA2E_mKZCb2bVUio6eCYyBtQVN8Ly_cMuoDrMu6Q==",cdn-downstream-fbl;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: RFROBosUDTlphmpA2E_mKZCb2bVUio6eCYyBtQVN8Ly_cMuoDrMu6Q==

GET
H3 200 11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ Frame 43DE 215 B
808 B 27ms
22ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 12:09:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9992205
x-amzn-requestid: f927c207-5d43-4a31-84ec-0d06d0c63c6a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="8wTVXZUtsxxqNQavtCIg8tDZpHMqUWjax_ec63IQtkszEqdNJT01sg==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6569ccff-42414f1e2713071463b83623;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8wTVXZUtsxxqNQavtCIg8tDZpHMqUWjax_ec63IQtkszEqdNJT01sg==

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-03-22-12-47-25/locales/ 621 B
1004 B 18ms
18ms XHR
application/json 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/locales/en-US.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 290
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311752
x-accel-date: 1711113028
x-77-nzt: EgwBw7WvDgH3yMEEAAwBisclxAH3bwMAAA
x-accel-expires: @1737032149
x-77-age: 312631
last-modified: Fri, 22 Mar 2024 12:49:36 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 908339303bac00a20c45026609009930
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: 150KQQnbwqlhbUBPcwNFDH9YbQ0joeYxJ7YdE1g3deG7qY9xQLQ4xA==

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 23ms
23ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1ErkYwybcb0e7wVdFNgEA2tWV7mt2Lpq/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 21:32:12 GMT
content-encoding: gzip
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id: HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop: FRA6-C1
age: 368049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Fri, 08 Mar 2024 07:35:27 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 71BOXG7F_YJgcT9FpNvKiZCHyj3keHHaoVCJDZBY-gMOFN3G2U_eew==

GET
H3 200 xCQC3Wupbo8m3lPpUkDhzX5YD4.png
framerusercontent.com/images/ Frame 43DE 61 KB
61 KB 22ms
22ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/xCQC3Wupbo8m3lPpUkDhzX5YD4.png?scale-down-to=1024

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 08:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11302802
x-amzn-requestid: 9b6a1016-27a4-4c1c-bf6c-4dd5244f6e72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="_F12w21W_EChLyCfKBoJNpQX4DfZ2QL4z8Ss_dIePelpEHKGXg61Ow==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6555cd7a-72716d0321980bee33a7f28e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _F12w21W_EChLyCfKBoJNpQX4DfZ2QL4z8Ss_dIePelpEHKGXg61Ow==

GET
H3 200 7dgusnBALjfsS0yucyysUvo9a8o.jpg
framerusercontent.com/images/ Frame 43DE 97 KB
97 KB 23ms
23ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7dgusnBALjfsS0yucyysUvo9a8o.jpg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2799023
x-amzn-requestid: f79f9e01-484c-4a08-bdbc-c2fddeffb140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="7shL1vEchttBxs8iuOIfyBv26ePP8Jw5phB1XXmML-v38tfKUVWA_g==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65d78f5d-62e6045614e49c90304ec543;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7shL1vEchttBxs8iuOIfyBv26ePP8Jw5phB1XXmML-v38tfKUVWA_g==

GET
H3 200 NI61TIlpX6TJbklIpHSie2tEpGE.png
framerusercontent.com/images/ Frame 43DE 65 KB
66 KB 26ms
25ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NI61TIlpX6TJbklIpHSie2tEpGE.png?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 Nov 2023 10:28:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10343867
x-amzn-requestid: 413005f5-e144-4729-aaee-163700256cfb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="smmVlAK6oN--mGfHfpdBqJS2oltHn84L30q8snIvw7dOyoZAWc22BQ==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65646f51-5dc48f8225829ec367f04792;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: smmVlAK6oN--mGfHfpdBqJS2oltHn84L30q8snIvw7dOyoZAWc22BQ==

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-03-22-12-47-25/locales/ Frame 43DE 621 B
1004 B 21ms
20ms XHR
application/json 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/widget_app_base_1711111645169.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 290
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311752
x-accel-date: 1711113028
x-77-nzt: EgwBw7WvDgH3yMEEAAwBisclxAH3bwMAAA
x-accel-expires: @1737032149
x-77-age: 312631
last-modified: Fri, 22 Mar 2024 12:49:36 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 908339303bac00a20c450266c54cbc31
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: 150KQQnbwqlhbUBPcwNFDH9YbQ0joeYxJ7YdE1g3deG7qY9xQLQ4xA==

GET
H3 200 XjelGy0AgZXWBtmYgQFM6So2cZU.png
framerusercontent.com/images/ Frame 43DE 25 KB
26 KB 25ms
24ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XjelGy0AgZXWBtmYgQFM6So2cZU.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 17:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 15500906
x-amzn-requestid: c346a2e6-eb2d-43fb-9561-2d4dd1b33b36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="fMbgHvH9O6PTmD6IwznCX7aEr9QsY6DLX3IxMrPp80szIPK6nJWv3Q==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515bea2-249c5b1462b996922d6bdf1c;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fMbgHvH9O6PTmD6IwznCX7aEr9QsY6DLX3IxMrPp80szIPK6nJWv3Q==

GET
H3 200 ENcVpm4LA7y23rHPsliWCOd8K5M.svg
framerusercontent.com/images/ Frame 43DE 37 KB
38 KB 23ms
22ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ENcVpm4LA7y23rHPsliWCOd8K5M.svg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

fec8ecde0a3753bfd77b25f5aeffaaf8ef41f0744d77e2f32d5e46eab1a04a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 01:55:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10029069
x-amzn-requestid: 602448b7-7767-43ed-9698-66fdc76eb854
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="oJuweDd67Rx9cF-wSE7E2bDFwUzPu_xQob7mfYtqOr9stYc7X-cKig==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65693cff-38eeff556792153857a1b87e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: oJuweDd67Rx9cF-wSE7E2bDFwUzPu_xQob7mfYtqOr9stYc7X-cKig==

GET
H2 200 bilt
decagon.ai/demo/ Frame 360E 0
0 198ms
156ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://decagon.ai/demo/bilt?defaultVisibility=hidden

Requested by

Host: decagon.ai
URL: https://decagon.ai/loaders/bilt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 03:46:21 GMT
server: Vercel
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-matched-path: /demo/[slug]
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::p2bb8-1711424780923-efd4f5ccf0c3

GET
H2 200 de67a7b8-de3e-4c8f-858d-6c7f832a1a5f
sync-transcend-cdn.com/consent-manager/ Frame 6733 0
0 274ms
218ms Document
application/xhtml+xml 2606:4700::6812:6f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync-transcend-cdn.com/consent-manager/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/de67a7b8-de3e-4c8f-858d-6c7f832a1a5f/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.biltrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cf-ray: 86a42730de6871a9-FRA
content-disposition: inline
content-encoding: br
content-type: application/xhtml+xml
date: Tue, 26 Mar 2024 03:46:21 GMT
etag: W/"ecaabd46fc191f55321d2c2683697460"
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 252 KB
82 KB 22ms
21ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3d8d7bae594dd199f2ef12cbebbfcb193e301e7bd987eb0ece6e5102f2beda4c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:22:07 GMT
content-encoding: gzip
age: 1453
x-guploader-uploadid: ABPtcPrlF-3MZQq-CiExfzJlcKYdBLydCXcvhDsxZTokbMreYKO8rVTCHvjW93ULoA_7CvIYbn9K3LSOlg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83656
last-modified: Mon, 25 Mar 2024 18:18:55 GMT
server: UploadServer
etag: "a638bf7f47ea9a583af982bf50d8cf41"
vary: Accept-Encoding
x-goog-generation: 1711390735385292
x-goog-hash: crc32c=xIBA7g==, md5=pji/f0fqmlg6+YK/UNjPQQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 83656
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 26 Mar 2024 04:22:07 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 94ms
33ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

138dc998424a6f8f578ae8fe723a4c0d5cf3822795319642f4eeedb6c66a7244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17946
x-xss-protection: 0
server: cafe
etag: 4422050633817958575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 03:46:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 71ms
24ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 03:46:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: xrkD2YNTLipyDwSzJo40B0vm6kAPWEMqvu/KyJNJ0sZZIqeoWti+63JQYHd0bzDiOi4e/8ach5DDhDyDb5ymuw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
94 KB 38ms
38ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KZTNLX&l=dataLayer&gtm_preview=gtm_auth=WonWorjHdmyZK4CuPVtRVg&gtm_preview=env-8

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

8eed86611e7aac5260397f393133a620406e61bdd845dec141b66fe376003031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95821
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 03:46:20 GMT

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
165 B 47ms
47ms Ping
text/plain 34.251.175.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/1572-9b7e73a3439ce0d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.175.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-175-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Mar 2024 03:46:20 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H3 200 6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ Frame 43DE 214 B
805 B 20ms
20ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jul 2023 10:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 22527920
x-amzn-requestid: cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="--4gf244D3e2HjYByoh2sXPlaOMtPWnXQALc5v9BPwvc2Chqf1QlbQ==",cdn-downstream-fbl;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: --4gf244D3e2HjYByoh2sXPlaOMtPWnXQALc5v9BPwvc2Chqf1QlbQ==

GET
H3 200 11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ Frame 43DE 215 B
806 B 21ms
21ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 12:09:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9992205
x-amzn-requestid: f927c207-5d43-4a31-84ec-0d06d0c63c6a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="KzEducCTLuWW4iO9A_71tvtuUAIsuErScY2l-rrcvYD2F1AFPIqaQw==",cdn-downstream-fbl;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6569ccff-42414f1e2713071463b83623;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KzEducCTLuWW4iO9A_71tvtuUAIsuErScY2l-rrcvYD2F1AFPIqaQw==

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1711424780219&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=ht...

0
0

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 130ms
129ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:20 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6EGgvIAMEQrA=
x-amz-cf-id: 2tCLwUfWbYGTT4Azv-v-CeZhZRRvYWoC5ZyR-hm4NTfQItDInSSvyQ==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 6deb6a25-c0c8-4cd8-a8f0-a7fd9b33ab0f
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 298ms
294ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6GHYXoAMESUQ=
x-amz-cf-id: _kBcAzPalK-ny0cSOYDoH8TJkAqnHA5GhmDlzqFABAmRxLO0-8lQ-w==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: b56f20a4-7af1-4ed4-acef-566e58a2336e
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 295ms
292ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6GFbPoAMEnBw=
x-amz-cf-id: hUbQqy03sRHGQ6XftdS9Rr-mdwvZRfjq-kaMMv1NQ7cjOCnYQmBKSw==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 980c737c-1014-4cb1-a59e-85de08c70303
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 297ms
294ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6GHGCoAMEU5g=
x-amz-cf-id: MA87g0x7VHC__Y2M-ELhP9YoVezZzjgdJmKd4ZR73j7vGcMVB7S0eA==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 022415a6-0322-4b96-80d1-df38e4b20f6a
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 134ms
130ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6EG6FIAMEHIQ=
x-amz-cf-id: 60VKdt6ebFPLhGMyWifEUXjy5URPvF3VEl9_Wcz_nMyDNTiwzpy59g==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 79771585-3ffa-42dc-be70-e1af7f535521
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 389ms
386ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6HGMuoAMEOoQ=
x-amz-cf-id: KW4ttFy-u_Wgz8vo1mqnKrZLXrqEkITlip_i8FPpLhHwMzb-_GdWgA==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 262898e9-8812-4660-80f7-2bd3725fcb39
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 390ms
387ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6HH4voAMESIg=
x-amz-cf-id: hr7vWSbI1iJO1rlOLbLk3tCkHHDsBXGpUW7qGG3NTds7hVM21LVEHA==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 95df46d8-c7cc-4de4-97bc-9f3629b4482b
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 392ms
389ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6HEegIAMEdOA=
x-amz-cf-id: 6snHhpTfYBIBX7ZiEfFJVpnbyuuMIN6kjITYH79r6aO-2JIeTvz1LQ==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: f83b4c55-a94d-409c-a93a-cc7cb1ce7cb3
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 390ms
388ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6HGcdIAMEN9g=
x-amz-cf-id: JumYoDsrSPaI5VgWYruZkiuTtsuUePSp6eQY-xMcUM0W5Im0OEOl9A==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 22473c2c-4b01-4ea9-9512-fcb56de4b05f
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 388ms
387ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6HGERoAMEMHw=
x-amz-cf-id: ufDqsYrcbD9ytu_Knwmo2PbIjedjeLJc8MJBz7wvRdjG2O_de2fZmA==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: 3039f6a3-3e76-429f-8583-6b53daeff6e5
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 404ms
402ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6HG-woAMESEA=
x-amz-cf-id: CZab3sqX9pCX_BifvFmwyBc43fxiaLgMvMiY3Y8TkPitV2Sc4fUkaQ==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: ddc8bc0b-7d0b-4317-8a38-ce3406637167
x-cache: Miss from cloudfront

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 431ms
429ms Preflight
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www2.biltrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-apigw-id: VN-6HEgCIAMEozg=
x-amz-cf-id: kFlavUnbSFAJNpBlto-uKjLKPhfpMTXigpJsf0IA58qmEJsnPEawcA==
x-amz-cf-pop: FRA60-P7
x-amzn-requestid: c8d3b14f-52af-45a6-a2ef-c1b22dd0bfa8
x-cache: Miss from cloudfront

GET
H3 200 OJrwICelx547sU9TUfsOWWw2XU.png
framerusercontent.com/images/ Frame 43DE 74 KB
75 KB 22ms
22ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OJrwICelx547sU9TUfsOWWw2XU.png?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 21:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 7454670
x-amzn-requestid: 6bd86dc0-47a2-4c16-a0c3-51f3b79bd10b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="7jWSb1KpT7dhRNLSw4umJKoToLYd1g1Y7COXvdHIP0gtZQOkk8vfcg==",cdn-downstream-fbl;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6590853d-6cbbd6e16a26746a51f173da;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7jWSb1KpT7dhRNLSw4umJKoToLYd1g1Y7COXvdHIP0gtZQOkk8vfcg==

GET
H3 200 QjUw3jJCmMzYz9c4QnfbBW9f90.png
framerusercontent.com/images/ Frame 43DE 176 KB
176 KB 23ms
23ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/QjUw3jJCmMzYz9c4QnfbBW9f90.png?scale-down-to=2048

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 07:16:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 7504170
x-amzn-requestid: 93163bec-85c6-4ed1-8290-c1f9df2c9dac
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="OaHybeYnmcUiSGM-7snw3mxyK4zq7YyALWrPZuh5nLBLux7VtarakQ==",cdn-downstream-fbl;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-658fc3e1-57315a206d7a02da7190c7b6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OaHybeYnmcUiSGM-7snw3mxyK4zq7YyALWrPZuh5nLBLux7VtarakQ==

GET
H3 200 Bxu6GY24oplllZd0X0beaOpeu1Y.png
framerusercontent.com/images/ Frame 43DE 33 KB
34 KB 31ms
27ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Bxu6GY24oplllZd0X0beaOpeu1Y.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 21:04:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 15489731
x-amzn-requestid: 47a703ad-c5a4-4663-a7ca-41b0215b5529
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="szkk2rXAYZE9kZDKKaa1-cNFZWmlT-7PALQMe1LKSi0mfy6r5KyRlA==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515ea49-22781c72779d140e4acf41d7;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: szkk2rXAYZE9kZDKKaa1-cNFZWmlT-7PALQMe1LKSi0mfy6r5KyRlA==

GET
H3 200 Yq0ObCqEE6wFZWZK5Dp54noE4.png
framerusercontent.com/images/ Frame 43DE 25 KB
25 KB 24ms
22ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Yq0ObCqEE6wFZWZK5Dp54noE4.png?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

e7d6db02d371f6199fcd30f7d43ae8625d25137986906c8e44c522ba999f60d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917110
x-amzn-requestid: 15344764-72eb-463c-801a-3a616babc422
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="2uJGO7yIyX_AH3npaoSTTqKL6Bv6O9AvESzrxnxuDTiDSbRZYGQ_Rw==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-620e9b68106e8d0710b4c3d3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 2uJGO7yIyX_AH3npaoSTTqKL6Bv6O9AvESzrxnxuDTiDSbRZYGQ_Rw==

GET
H3 200 kPxJM4tLgnLH1CadICtjXQIzHyU.png
framerusercontent.com/images/ Frame 43DE 14 KB
14 KB 26ms
24ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kPxJM4tLgnLH1CadICtjXQIzHyU.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917100
x-amzn-requestid: 2e4005e3-d4f1-4223-8f10-ce4e29194f95
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="6SCthUvoZEL3xRIDbcH9g8QSdOF1V3ICD1sjMMKOuZKEwlLHfQTY0A==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-166d1a7913e3bf6f4caff6ea;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6SCthUvoZEL3xRIDbcH9g8QSdOF1V3ICD1sjMMKOuZKEwlLHfQTY0A==

GET
H3 200 kZedshteNKwEnTSThLDeUR8Dvg.png
framerusercontent.com/images/ Frame 43DE 3 KB
3 KB 27ms
25ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kZedshteNKwEnTSThLDeUR8Dvg.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:47:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917110
x-amzn-requestid: 955dccb4-047a-403f-864a-55cccbf57bbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="-T0Z936txYeuEw-k0GpamlmJ5I2xcv8iv7eUp4Izc7tNvknZKfB2iw==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a3495-4028c3652793ae1569eb83fd;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -T0Z936txYeuEw-k0GpamlmJ5I2xcv8iv7eUp4Izc7tNvknZKfB2iw==

GET
H3 200 PpmuiGEDXM3kHtBp5icQtJnddr8.png
framerusercontent.com/images/ Frame 43DE 36 KB
36 KB 28ms
26ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/PpmuiGEDXM3kHtBp5icQtJnddr8.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 570231b1-76ce-4948-b9d1-87e54e335dd5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="Ks1-hXfwO3Hr7XWD42UdgJFBVZb8t1W1airYve2H4P9cIno0g2vHIA==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a0-441c7c2c01bc6a640ffabe9c;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Ks1-hXfwO3Hr7XWD42UdgJFBVZb8t1W1airYve2H4P9cIno0g2vHIA==

GET
H3 200 u3YgOCmum1dUpL43rOc7L0t2pTE.png
framerusercontent.com/images/ Frame 43DE 37 KB
37 KB 30ms
28ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/u3YgOCmum1dUpL43rOc7L0t2pTE.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: 8de716e5-6484-465d-9b98-bf5b719b5ddf
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="qkaBCFOxcwNwijS7Vc887plbQwaF0qeFvKqtq1l22i0Ab7ZF1h4Mvw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-40ada02066e2ce3903f68f4f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qkaBCFOxcwNwijS7Vc887plbQwaF0qeFvKqtq1l22i0Ab7ZF1h4Mvw==

GET
H3 200 q2ZbwDh95WKyNtMuZKqIZa0Y.png
framerusercontent.com/images/ Frame 43DE 69 KB
70 KB 29ms
28ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/q2ZbwDh95WKyNtMuZKqIZa0Y.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: 95e9b69a-0251-436a-88f6-acfa14840b49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="l0jvfK8AgCfgi27ntG_LWUExyhlH082L-yiYSTrvkRs5APRCNLUJOg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-62a3a44b33d91cba46c2e0b4;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: l0jvfK8AgCfgi27ntG_LWUExyhlH082L-yiYSTrvkRs5APRCNLUJOg==

GET
H3 200 VyL41pOzjpyf0ifC7GjerSeo3E.png
framerusercontent.com/images/ Frame 43DE 45 KB
45 KB 33ms
31ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/VyL41pOzjpyf0ifC7GjerSeo3E.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 7a18f60e-5932-47f5-875d-17f2793f98fd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="fXo2tWljP2NxvNIklwQIshy4k9LU3r1DvngWJkVO3sa9sP3KEjsy8g==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-73b0f6ff3b15cf5703eadbaf;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fXo2tWljP2NxvNIklwQIshy4k9LU3r1DvngWJkVO3sa9sP3KEjsy8g==

GET
H3 200 ly7hsGndYyaskNI1AqcxaAt6I.png
framerusercontent.com/images/ Frame 43DE 24 KB
25 KB 35ms
33ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ly7hsGndYyaskNI1AqcxaAt6I.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: 26ed4e78-6421-49aa-8b87-e1be9f6ffb6f
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="tcjDcgr8aiDmaqs3Jg-znbRB8J6OlMoQjXVgkPlmZfs-vwgAi218bw==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-319c6f954b10e76e02e15a89;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tcjDcgr8aiDmaqs3Jg-znbRB8J6OlMoQjXVgkPlmZfs-vwgAi218bw==

GET
H3 200 RVFtmFp0chpaTRBkxXKss5HkWuI.png
framerusercontent.com/images/ Frame 43DE 25 KB
26 KB 36ms
35ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RVFtmFp0chpaTRBkxXKss5HkWuI.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 19:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9273305
x-amzn-requestid: c054beb9-a99a-44c8-b6e4-8efd99661635
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="lkrwAh65pcGzqWbRYuXNQxz34K8RG5kVcmlCfuQEBo61wNhkTkNKpQ==",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6574c533-689e8b4f72eef1440beb86f3;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: lkrwAh65pcGzqWbRYuXNQxz34K8RG5kVcmlCfuQEBo61wNhkTkNKpQ==

GET
H3 200 wkMxGLA0wVGsaSgWt2doW86Zic.png
framerusercontent.com/images/ Frame 43DE 31 KB
32 KB 37ms
35ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/wkMxGLA0wVGsaSgWt2doW86Zic.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917099
x-amzn-requestid: ba6827ad-aabc-411e-9dc2-dfa723dd0780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="WiXWdr-uzSi_osHYRHG4qP-dWbJfMssE3pXfenXVRg0euGPL-yrUVg==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-644b15642b1ea7fc78e9b405;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WiXWdr-uzSi_osHYRHG4qP-dWbJfMssE3pXfenXVRg0euGPL-yrUVg==

GET
H3 200 UPxnowvsa2Fbt3lp5oDDFXRjROc.png
framerusercontent.com/images/ Frame 43DE 32 KB
32 KB 37ms
36ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/UPxnowvsa2Fbt3lp5oDDFXRjROc.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9441135
x-amzn-requestid: e03300e0-9cad-43fc-8ab6-de726d6b5f30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="aYKBVOJKuKp3PbV5S4-6YD-sftaHesOKP_IUvlSsH-X9P_RyNz8FjA==",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-765ffb934b7dbe1f748e348d;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: aYKBVOJKuKp3PbV5S4-6YD-sftaHesOKP_IUvlSsH-X9P_RyNz8FjA==

GET
H3 200 2Zx97veGwo826dqlIbR2hMKiY.png
framerusercontent.com/images/ Frame 43DE 85 KB
86 KB 30ms
29ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2Zx97veGwo826dqlIbR2hMKiY.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Dec 2023 23:57:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9604122
x-amzn-requestid: c6578a5d-2b8c-483a-ac9d-b78066b234a7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="jaAhjY5uKsfPEAQBqU0xV6q1BfTUIj8PP-7Hti710AWmVceTJTuH6Q==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-656fb8f2-1a3284985a17b98d6b56e9b6;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jaAhjY5uKsfPEAQBqU0xV6q1BfTUIj8PP-7Hti710AWmVceTJTuH6Q==

GET
H3 200 i6iRuC8inkOu49dyb2cMx7KLX9o.png
framerusercontent.com/images/ Frame 43DE 32 KB
32 KB 31ms
30ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/i6iRuC8inkOu49dyb2cMx7KLX9o.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Dec 2023 21:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 9441136
x-amzn-requestid: d1276dde-ce3c-43b3-bdf2-19fb56353b67
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="qFrC6nFE1CMMv0SW8gxumzUOu9_DtsCwrwgwO5b0ox2MOQjOkXNb4g==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6572359c-6d94249e4d78cc9c47e01d91;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qFrC6nFE1CMMv0SW8gxumzUOu9_DtsCwrwgwO5b0ox2MOQjOkXNb4g==

GET
H3 200 4Um58dLygSHRrlUbzVAaCiPfHeE.png
framerusercontent.com/images/ Frame 43DE 61 KB
62 KB 33ms
32ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Um58dLygSHRrlUbzVAaCiPfHeE.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 15 Dec 2023 02:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8816319
x-amzn-requestid: 76e437ee-349e-4296-8605-83da030eb99b
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="Qt_Yj4qpVVSJup5hE0QtXTJxFOjM2uxBmmUSC85p-TowEkY30Q4IMw==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657bbe4d-6fba888c030366654cd8e9e2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Qt_Yj4qpVVSJup5hE0QtXTJxFOjM2uxBmmUSC85p-TowEkY30Q4IMw==

GET
H3 200 OwD5vj1mJJkrw8fQ4TLBsZu7VY.png
framerusercontent.com/images/ Frame 43DE 67 KB
68 KB 35ms
34ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/OwD5vj1mJJkrw8fQ4TLBsZu7VY.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 22:48:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8917098
x-amzn-requestid: 78b339dd-e4b5-456c-bb1c-74370a5115ab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="jDObGzQ0HsvRxETkHVcwyrk6BsXMgwMf-t-yMjNMkmNNmVUceoYzyg==",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-657a34a1-47094d6076a345a112379c31;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jDObGzQ0HsvRxETkHVcwyrk6BsXMgwMf-t-yMjNMkmNNmVUceoYzyg==

GET
H3 200 xCQC3Wupbo8m3lPpUkDhzX5YD4.png
framerusercontent.com/images/ Frame 43DE 61 KB
61 KB 31ms
31ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/xCQC3Wupbo8m3lPpUkDhzX5YD4.png?scale-down-to=1024

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 Nov 2023 08:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 11302802
x-amzn-requestid: 9b6a1016-27a4-4c1c-bf6c-4dd5244f6e72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="eazduxrzEWiV417OCnTLEUmDArwjsTi-jFlGhsUHtkE9rF5DTs170g==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6555cd7a-72716d0321980bee33a7f28e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eazduxrzEWiV417OCnTLEUmDArwjsTi-jFlGhsUHtkE9rF5DTs170g==

GET
H3 200 7dgusnBALjfsS0yucyysUvo9a8o.jpg
framerusercontent.com/images/ Frame 43DE 97 KB
97 KB 32ms
32ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/7dgusnBALjfsS0yucyysUvo9a8o.jpg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 22 Feb 2024 18:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2799023
x-amzn-requestid: f79f9e01-484c-4a08-bdbc-c2fddeffb140
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="HHLNTtETurQRQ858FeWGXc3ZIL3emAvrdeMY4IrNbo1wfccdUZ9EWQ==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65d78f5d-62e6045614e49c90304ec543;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HHLNTtETurQRQ858FeWGXc3ZIL3emAvrdeMY4IrNbo1wfccdUZ9EWQ==

GET
H3 200 NI61TIlpX6TJbklIpHSie2tEpGE.png
framerusercontent.com/images/ Frame 43DE 65 KB
66 KB 31ms
31ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/NI61TIlpX6TJbklIpHSie2tEpGE.png?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 Nov 2023 10:28:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10343867
x-amzn-requestid: 413005f5-e144-4729-aaee-163700256cfb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="vkdakrmT5E1RfAT-OTIAqy1xCTqsri17lOxPXeeNpDrfR-BD-SClJA==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65646f51-5dc48f8225829ec367f04792;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vkdakrmT5E1RfAT-OTIAqy1xCTqsri17lOxPXeeNpDrfR-BD-SClJA==

GET
H3 200 XjelGy0AgZXWBtmYgQFM6So2cZU.png
framerusercontent.com/images/ Frame 43DE 25 KB
26 KB 32ms
32ms Image
image/webp 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XjelGy0AgZXWBtmYgQFM6So2cZU.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 17:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 15500906
x-amzn-requestid: c346a2e6-eb2d-43fb-9561-2d4dd1b33b36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="HwKuVnXxVJ0P6T2GOrjsPV0zs8Sn3kA43Dg17sGm3_kczuTSf12-yg==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6515bea2-249c5b1462b996922d6bdf1c;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HwKuVnXxVJ0P6T2GOrjsPV0zs8Sn3kA43Dg17sGm3_kczuTSf12-yg==

GET
H3 200 ENcVpm4LA7y23rHPsliWCOd8K5M.svg
framerusercontent.com/images/ Frame 43DE 37 KB
38 KB 32ms
32ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ENcVpm4LA7y23rHPsliWCOd8K5M.svg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

fec8ecde0a3753bfd77b25f5aeffaaf8ef41f0744d77e2f32d5e46eab1a04a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 01:55:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10029069
x-amzn-requestid: 602448b7-7767-43ed-9698-66fdc76eb854
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="vsBabM92l2R1VjVxvzQfLKX29lED2mhSj1m0E8u-genYAy61foGuVQ==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65693cff-38eeff556792153857a1b87e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vsBabM92l2R1VjVxvzQfLKX29lED2mhSj1m0E8u-genYAy61foGuVQ==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 458ms
456ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-49d28d2308e3aa182c13ce26;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: ea8334b7-1622-460d-84a6-231864e12671
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6JHZjoAMESUQ=
content-length: 0
x-amz-cf-id: j4-dX1y_MUUqQP7CeUyU5cM74cSLbWcXOtE68jb2n0d2SSIFhKBcng==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 443ms
443ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-774749770e12cc295ac05afd;Parent=3894745bf4cc1cb6;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: 8a6cf5b7-d657-45fb-b22a-55b6a8039188
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6KErJIAMEHcA=
content-length: 0
x-amz-cf-id: yO8osKKcIXG4QJ52QXtFZGgc08f2az31umasD1_vCpJYjheNueDwXA==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 378ms
377ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-2f160ff960e55949208a90ee;Parent=5432de104d0cc918;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: 58442a35-aaf9-4fb2-91fe-9491bbbf75cc
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6JE8SIAMEnVQ=
content-length: 0
x-amz-cf-id: eI3uDfY5oQI6mIGXhqoFbd47N_ai3RX1M_PwGq3B8zZ8Zqts-2NRGA==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 462ms
462ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-23d645ad4a35f0b06f109b71;Parent=45d12185fe32914b;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: 6c4ffe0b-6d8d-43cd-b4de-ad493c3db19b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6KE_OIAMEZQA=
content-length: 0
x-amz-cf-id: zJ6RQPuID_rN9n7NOvaOWXY4QSV8mnnLvkd53q6BcapaRB1tV4GG1w==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 457ms
457ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-0054b4c50426729a0f0875f8;Parent=06859793f68614e3;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: 9b008396-51a7-4d86-8a0f-4a95279cfa7f
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6JEg1IAMEGUg=
content-length: 0
x-amz-cf-id: 3LRrmlLUOjajFLST1p9ElhcR9v-UBzyCScBGufAo7LVy2AVeNq_A-A==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 220ms
220ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-47ef04951151bd7d737a5006;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: fc8ae193-ee52-4aaa-9ebc-7fc8a2929fb6
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6IG3yoAMErZQ=
content-length: 0
x-amz-cf-id: GyY0UqCKJ_9sIAoQFO50qyqRWuBlG4ZXer9IMIyJO_b_Y-YQttOz4g==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 504ms
504ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-4409699a2d2041803d856166;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: c9e40f00-a5f0-4c9d-ae70-36d0bf47e7a2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6LEiDIAMEGUg=
content-length: 0
x-amz-cf-id: gLRslcdklLmJIe3OzXLbdWOR05cNSptm0hTc8dmaSevLqKE073ZmpQ==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 449ms
449ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-5a9fc14a13fbd62e667dbf9d;Parent=3fed968fb90cdf37;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: a9ed0d81-2739-4745-9031-bce3030f830b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6LEnsoAMEacA=
content-length: 0
x-amz-cf-id: x28lUTTPCrtehB6zxmqocFhIVjQFvQbXLacE1tdFIj7KjFFoodq8Cg==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 381ms
381ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-017d7b961b3b09b56a75abf0;Parent=026fde1aa266ef9d;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: df12485e-0b21-4838-8064-81d7f12e8b6e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6KFQkIAMEjww=
content-length: 0
x-amz-cf-id: 0S7iPZF3Y1giZYyTq3nuK45LZ6GHQxrhegdmKgk_kU-YAtnCUhlwMQ==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 200ms
199ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-6172b16d087bba1468beb409;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: 7aa2a96d-17fb-4a62-a5f8-ee8b3a891feb
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6IGdGIAMEN9g=
content-length: 0
x-amz-cf-id: BHf1T7JdStKOKS2Ct-QmHWFLqq2xL2P62OIg8yIQw5vMXTkvLro2xw==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 195ms
195ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-604affd333c461e56d903c68;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: 38415659-9236-42bd-bc04-817e646b5252
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6JHCAIAMEtDQ=
content-length: 0
x-amz-cf-id: ThiXPKvvvv3wY9AwYFNeWwL8wvc_JqUndrOMQQs_GSR6HBei4oYc9Q==

POST
H2 200 anonymous
events.framer.com/ Frame 43DE 0
0 358ms
358ms Fetch
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: www2.biltrewards.com
URL: https://www2.biltrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-6602450d-157a8a691efa008b73e37f56;Sampled=1;lineage=c457ad49:0
x-amzn-requestid: d10691dc-46f4-4b9d-8b56-4f2987bd07c0
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: VN-6LEg-IAMEmsA=
content-length: 0
x-amz-cf-id: eIuwSJUS04gVkZ5H5UJzfXTWFiF7hbwVue6LK641PUnKReGdQeRlUA==

GET
H3 200 web Show response
edge.fullstory.com/s/settings/13PEW8/v1/ 6 KB
2 KB 158ms
157ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/13PEW8/v1/web
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bb86d91e3b389c31862f4b8bf4751da190f0cf386e9c1af4b193fb7f36754733

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPoUmzO-lW4wtfOkgcVxzbMcHw4xQuJlBxJihv_e3YHTyQYfR3LvVUO4pVJDbLzwqSD9Jg9CFXywjQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1711
last-modified: Tue, 26 Mar 2024 03:45:41 GMT
server: UploadServer
etag: "d5fea0673727ca3708f3b569cf2f2647"
x-goog-generation: 1711394141556026
x-goog-hash: crc32c=Jh5pAg==, md5=1f6gZzcnyjcI87Vpzy8mRw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1711
accept-ranges: bytes
content-type: application/json
expires: Tue, 26 Mar 2024 04:01:21 GMT

GET

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1711424780219&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=ht...

0
0

GET
H2 200 353467326379958 Show response
connect.facebook.net/signals/config/ 57 KB
13 KB 89ms
88ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/353467326379958?v=2.9.150&r=stable&domain=www.biltrewards.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7e5710bb56a4258eb388056db9b80ff99fe7cd0c9f2afc3c450a8513cb29f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 03:46:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=69, rtx=1, c=40, mss=1294, tbw=62803, tp=-1, tpl=-1, uplat=68, ullat=1
pragma: public
x-fb-debug: v0OepDnY3lxIW46sDpk4c0i4xoM0tWs978gDcZe/xpMzn+zX7tCfSPLodsKjveBhrkeZFvTC4wwtVETLiRmj6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ENcVpm4LA7y23rHPsliWCOd8K5M.svg
framerusercontent.com/images/ Frame 43DE 37 KB
38 KB 21ms
21ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ENcVpm4LA7y23rHPsliWCOd8K5M.svg

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/1Cb499qb6fbDYOrLf1q7xd/chunk-EVVCVOZG.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

fec8ecde0a3753bfd77b25f5aeffaaf8ef41f0744d77e2f32d5e46eab1a04a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 01:55:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10029070
x-amzn-requestid: 602448b7-7767-43ed-9698-66fdc76eb854
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="KmjLHvuaCiiZOC-KczeeZtv7kuFy7QHsA1SjPnvzkf8QLzBhvHuC-A==",cdn-downstream-fbl;dur=1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65693cff-38eeff556792153857a1b87e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KmjLHvuaCiiZOC-KczeeZtv7kuFy7QHsA1SjPnvzkf8QLzBhvHuC-A==

GET
H2 200 remediation_1711111645169.js Show response
cdn.userway.org/widgetapp/2024-03-22-12-47-25/remediation/ 107 KB
29 KB 46ms
45ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/remediation/remediation_1711111645169.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/widget_app_base_1711111645169.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 68a8026ffb1fc504b9ec92727aaaca5bf81ff7358a11efbf89614b18e21315b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 296
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311755
x-accel-date: 1711113026
x-77-nzt: EgwBw7WvDgH3y8EEAAwBJRPCLgH3ZgMAAA
x-accel-expires: @1737032156
x-77-age: 312625
last-modified: Fri, 22 Mar 2024 12:49:36 GMT
server: CDN77-Turbo
etag: W/"8c5783fa8b62c220b4ee3093277ffa57"
x-77-nzt-ray: 908339303bac00a20d45026655c4ed15
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: YH8pdh8fVbOCVp5sqMe0eqKziJhLtanjmv1yOGOUnNECMSiFq3duAw==

GET
H2 200 UVSmUaxusw7M1GYM.json Show response
cdn.userway.org/remediations/consolidated/2055530/ 863 KB
112 KB 22ms
22ms XHR
application/json 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2055530/UVSmUaxusw7M1GYM.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 705cb58b6d8f249a2e6561f5f26c5c8215ccbbed4f6999b58a177b51ba973e0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 20bac96d0c0df74d5e600294d22661e6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 482
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 290698
x-accel-date: 1711134083
x-77-nzt: EgwBw7WvDgHXim8EAAwBnJIhJwH3cVMAAA
x-accel-expires: @1742648722
x-77-age: 312059
last-modified: Fri, 26 Jan 2024 19:09:21 GMT
server: CDN77-Turbo
etag: W/"c5c5889155a8211cb42cb207ea675922"
x-77-nzt-ray: 908339303bac00a20d4502662ff2cf15
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: Sp8rz7CbLUpy507oPviKpBaN7M8b_6QK6buFUgNPOACA8syGw1xOQg==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 19ms
19ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 9857ab0da41c7a88865f55b9cdc654ac.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311760
x-accel-date: 1711113021
x-77-nzt: EgwBw7WvDgH30MEEAAwBnJIhJwH3hwEAAA
x-accel-expires: @1737032630
x-77-age: 312151
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: 90833930d6aa55a10d450266dc098816
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: HXuHu4NNP8jQAUuNwUSsJaJptChRJzkmwb1j8NV35DDu6n_O5d4LJA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 9700f12bc5b1f03fd6480e2b7838d596.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 485
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311760
x-accel-date: 1711113021
x-77-nzt: EgwBw7WvDgH30MEEAAwBnJIhJwH3iAEAAA
x-accel-expires: @1737032629
x-77-age: 312152
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 90833930d6aa55a10d4502664d9e9416
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: RYY3zaJD9KcUPAbscbd2OwI47-ipsOfcmr8eMIIDk_3V8tfDhLBr3g==

GET
H3 200 ENcVpm4LA7y23rHPsliWCOd8K5M.svg
framerusercontent.com/images/ Frame 43DE 37 KB
38 KB 25ms
25ms Image
image/svg+xml 108.138.7.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ENcVpm4LA7y23rHPsliWCOd8K5M.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.7.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-11.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

fec8ecde0a3753bfd77b25f5aeffaaf8ef41f0744d77e2f32d5e46eab1a04a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www2.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 01:55:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10029070
x-amzn-requestid: 602448b7-7767-43ed-9698-66fdc76eb854
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-hit-layer;desc="EDGE",cdn-rid;desc="Hz_eu9rk3pmGw1AUiO6anYsL5x1a4gX7Gy4lY_mRDB_nOyiUODXwKQ==",cdn-downstream-fbl;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-65693cff-38eeff556792153857a1b87e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Hz_eu9rk3pmGw1AUiO6anYsL5x1a4gX7Gy4lY_mRDB_nOyiUODXwKQ==

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?dtstmp=1711424781390&aid=b-00ri&se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&wpn=lc-bundle&cd=.biltrewards.com&c=PH...
https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424781390&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=ht...

43 B
240 B

464ms
114ms

Image
image/gif

34.197.103.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424781390&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
Protocol: H2
Server: 34.197.103.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-103-220.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
x-pixel-event-id: 27c60907-57d9-4f03-b7f4-da172157bf36
content-length: 43
content-type: image/gif

Redirect headers

location: https://rp4.liadm.com/p?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424781390&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
date: Tue, 26 Mar 2024 03:46:21 GMT
content-length: 0

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?dtstmp=1711424781390&aid=b-00ri&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&tv=v2.14.3&pu=https%3A%2F%2Fwww.biltrewards.com%2F&ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYW...
https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTE0MjQ3ODAyMTkmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaH...

43 B
241 B

462ms
112ms

Image
image/gif

34.197.103.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTE0MjQ3ODAyMTkmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHN3ZHZkLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzExNDI0NzgwMjE5JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424781390&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
Protocol: H2
Server: 34.197.103.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-103-220.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.biltrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
x-pixel-event-id: e12576b9-d090-416c-9bfe-dc2eb30ae7a5
content-length: 43
content-type: image/gif

Redirect headers

location: https://rp4.liadm.com/p?ae=eyJtZXNzYWdlIjoiRXJyb3IgZHVyaW5nIFhIUiBjYWxsOiAwLCB1cmw6IGh0dHBzOi8vcnAubGlhZG0uY29tL2o_ZHRzdG1wPTE3MTE0MjQ3ODAyMTkmYWlkPWItMDByaSZzZT1lMzAmZHVpZD0wNWUyMWU5YTY4NmUtLTAxaHN3ZHZkLi4uIiwibmFtZSI6IkFqYXhGYWlsZWQiLCJzdGFja1RyYWNlIjoiRXJyb3I6IEVycm9yIGR1cmluZyBYSFIgY2FsbDogMCwgdXJsOiBodHRwczovL3JwLmxpYWRtLmNvbS9qP2R0c3RtcD0xNzExNDI0NzgwMjE5JmFpZD1iLTAwcmkmc2U9ZTMwJmR1aWQ9MDVlMjFlOWE2ODZlLS0wLi4uIiwiZmlsZU5hbWUiOiJ1bmRlZmluZWQifQ&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424781390&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4
date: Tue, 26 Mar 2024 03:46:21 GMT
content-length: 0

POST
H2 202 page Show response
rs.fullstory.com/rec/ 87 B
288 B 197ms
137ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

14196431302464b67035d3be26eb7dfb3b18e4d638a369d5ed6b4d4ebb4177b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.biltrewards.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/paid/ 53 KB
20 KB 19ms
19ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1711111645169
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/widget_app_base_1711111645169.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9fe95b7e414e5f46bdf1dfabb4524b3118218f899144687b8e91073772c354c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 619
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311755
x-accel-date: 1711113026
x-77-nzt: EgwBw7WvDgH3y8EEAAwBJRPCNAH3IgIAAA
x-accel-expires: @1737032480
x-77-age: 312301
last-modified: Fri, 22 Mar 2024 12:49:41 GMT
server: CDN77-Turbo
etag: W/"de3b66dd2e6f9f57b9295aaadf0467b1"
x-77-nzt-ray: 908339303bac00a20d450266f57a811f
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: 5P-kOAM1JLjnVk6Mx1RLn0y1a4pwyEk9KU8asyP6FCGyFnF-sybnLQ==

GET
H2 200 UVSmUaxusw7M1GYM.json Show response
cdn.userway.org/remediations/consolidated/2055530/ 863 KB
112 KB 19ms
19ms Fetch
application/json 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2055530/UVSmUaxusw7M1GYM.json
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 705cb58b6d8f249a2e6561f5f26c5c8215ccbbed4f6999b58a177b51ba973e0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:21 GMT
via: 1.1 20bac96d0c0df74d5e600294d22661e6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 482
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 290698
x-accel-date: 1711134083
x-77-nzt: EgwBw7WvDgH3im8EAAwBnJIhJwH3cVMAAA
x-accel-expires: @1742648722
x-77-age: 312059
last-modified: Fri, 26 Jan 2024 19:09:21 GMT
server: CDN77-Turbo
etag: W/"c5c5889155a8211cb42cb207ea675922"
x-77-nzt-ray: 908339303bac00a20d450266fed20424
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: Sp8rz7CbLUpy507oPviKpBaN7M8b_6QK6buFUgNPOACA8syGw1xOQg==

GET
H2 200 favicon.ico
www.biltrewards.com/ 15 KB
3 KB 55ms
55ms Other
image/vnd.microsoft.icon 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.biltrewards.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9fff2bb0ae4e7b8399d2af77253fecd38540f21fbd2e5899f1459eec325a4cca

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud *.ada.support *.analytics.google.com *.biltcard.com *.biltrewards.com *.deviceinfresolver.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.segment.io *.sentry.io *.smooch.io *.transcend.io *.userway.org *.zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai *.biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' *.biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' *.activebuilding.com *.activebuilding.docker *.avalonaccess.com *.biltrewards.com *.securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' *.biltrewards.com *.doubleclick.net *.jamsadr.com *.soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: *.soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com *.google-analytics.com *.googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com *.doubleclick.net *.fullstory.com *.googletagmanager.com *.oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
content-encoding: br
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 03:46:22 GMT
strict-transport-security: max-age=63072000
age: 26443
content-disposition: inline; filename="favicon.ico"
x-xss-protection: 1; mode=block
referrer-policy: origin
server: Vercel
x-vercel-id: fra1::g8fnr-1711424782063-121821b49785
x-matched-path: /favicon.ico
etag: W/"8709c36a9447ce8f70f68b6627d2c739"
x-vercel-cache: HIT
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H2 200 2055530 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 180ms
180ms Fetch
application/json 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/2055530
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:22 GMT
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 51
x-service-version: apps-ddb67952

GET
H2 200 2055530 Show response
api.userway.org/api/br-links/v0/links/ 86 B
452 B 180ms
179ms Fetch
application/json 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/2055530
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3f7853bd4d6086be63374d96af8f4297718ae35b74698c30e362bf43a1d888a5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:22 GMT
etag: W/"56-Q78UpHasXJc4bkSkw+leqwZtTHI"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 86
x-service-version: apps-ddb67952

GET
H2 200 nav_menu_helper_1711111645169.js Show response
cdn.userway.org/widgetapp/2024-03-22-12-47-25/remediation/ 23 KB
7 KB 19ms
19ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/remediation/nav_menu_helper_1711111645169.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-22-12-47-25/widget_app_base_1711111645169.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
Origin: https://www.biltrewards.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Mar 2024 03:46:22 GMT
via: 1.1 b23911d471c22383c023eec862afc500.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 775
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 311753
x-accel-date: 1711113029
x-77-nzt: EgwBw7WvDgH3ycEEAAwBnJIhHwH3iAEAAA
x-accel-expires: @1737032637
x-77-age: 312145
last-modified: Fri, 22 Mar 2024 12:49:36 GMT
server: CDN77-Turbo
etag: W/"f270f813f648a284d50fe8f345c21bdc"
x-77-nzt-ray: 908339303bac00a20e450266f646a820
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: m79Jf38nyHelqbc7gBccrexmW8-O4vD5NThSuqp8tjt6jqhlH-PKng==

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.biltrewards.com%2F/DESKTOP/WIDGET_ON/ 77 B
455 B 193ms
193ms Fetch
application/json 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.biltrewards.com%2F/DESKTOP/WIDGET_ON/status
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 03:46:26 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-4864f7c7

GET
H2 204 js_tracking Show response
tags.srv.stackadapt.com/ 0
154 B 109ms
108ms XHR
text/plain 3.65.91.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.biltrewards.com%2F&uid=CLz8BddIbHunRwx9J6JGIQ&v=1&host=https%3A%2F%2Fwww.biltrewards.com
Requested by: Host: www.biltrewards.com
URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.65.91.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-91-158.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.biltrewards.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.biltrewards.com
date: Tue, 26 Mar 2024 03:46:30 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.redditstatic.com
URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_7lmxmkme_telemetry

Domain: conversions-config.reddit.com
URL: https://conversions-config.reddit.com/v1/pixel/error

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Domain: rp4.liadm.com
URL: https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/p	1970-01-21 04:59:44	Name: lidid Value: 62046992-acc7-4f42-89cd-4f9e9ef0a72b
.biltrewards.com/	1970-01-20 21:33:20	Name: _gcl_au Value: 1.1.243031715.1711424780
.biltrewards.com/	1970-01-21 04:59:44	Name: _ga_QLSYZKSM0E Value: GS1.1.1711424780.1.0.1711424780.0.0.0
.biltrewards.com/	1970-01-21 04:59:44	Name: _ga Value: GA1.1.1761835513.1711424780
.biltrewards.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .biltrewards.com
.biltrewards.com/	1970-01-21 04:59:44	Name: _lc2_fpi Value: 05e21e9a686e--01hswdvds7j36ss9b81f5bz73c
.biltrewards.com/	1970-01-21 04:59:44	Name: _lc2_fpi_meta Value: {%22w%22:1711424780072}
.biltrewards.com/	1970-01-20 21:33:20	Name: _rdt_uuid Value: 1711424780074.1ea133c1-9700-48d3-aa11-b636d361ba74
.mgln.ai/	1970-01-20 20:50:08	Name: arc_id Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkltVmtPRGd6TXpReUxUQmlaVFV0TkdReU55MDVaVFZsTFRWaVlqSXlZVFF3TUdVeE15ST0iLCJleHAiOiIyMDI0LTA1LTI1VDAzOjQ2OjIwLjAwNVoiLCJwdXIiOiJjb29raWUuYXJjX2lkIn19--daa8c315fa5b54baac48ea2dbf71020d64a07278
.tiktok.com/	1970-01-21 04:45:20	Name: _ttp Value: 2eD2Ma3yK9kNEffbax7CWT2oiH3
tags.srv.stackadapt.com/	1970-01-21 04:09:20	Name: sa-user-id Value: s%3A0-985debac-62fa-50f9-43c5-4ab0df538288.eXRvWjz%2Ftu8%2BuE3x6GPyFNrhHKZuYu%2FmGf5wuaO3qQ8
.srv.stackadapt.com/	1970-01-21 04:09:20	Name: sa-user-id Value: s%3A0-985debac-62fa-50f9-43c5-4ab0df538288.eXRvWjz%2Ftu8%2BuE3x6GPyFNrhHKZuYu%2FmGf5wuaO3qQ8
tags.srv.stackadapt.com/	1970-01-21 04:09:20	Name: sa-user-id-v2 Value: s%3AmF3rrGL6UPlDxUqw31OCiNly2hU.yQ6XRCEURkXx0yPhzZAL03s6iIeitZnF9Q%2FacRrgxUw
.srv.stackadapt.com/	1970-01-21 04:09:20	Name: sa-user-id-v2 Value: s%3AmF3rrGL6UPlDxUqw31OCiNly2hU.yQ6XRCEURkXx0yPhzZAL03s6iIeitZnF9Q%2FacRrgxUw
tags.srv.stackadapt.com/	1970-01-21 04:09:20	Name: sa-user-id-v3 Value: s%3AAQAKIEk5PelArlFu-eO_xYNe-_o2IH1nxzUUwyAoZqAVxLaFEHwYBCCMiomwBjABOgT7-sM6QgRp8Tvz.w4Dce8bbO6XOk0GVq83k27gVIubOTv%2B1Gmm2PQ%2Fr3jc
.srv.stackadapt.com/	1970-01-21 04:09:20	Name: sa-user-id-v3 Value: s%3AAQAKIEk5PelArlFu-eO_xYNe-_o2IH1nxzUUwyAoZqAVxLaFEHwYBCCMiomwBjABOgT7-sM6QgRp8Tvz.w4Dce8bbO6XOk0GVq83k27gVIubOTv%2B1Gmm2PQ%2Fr3jc
www.biltrewards.com/	1970-01-21 04:09:20	Name: sa-user-id Value: s%253A0-985debac-62fa-50f9-43c5-4ab0df538288.eXRvWjz%252Ftu8%252BuE3x6GPyFNrhHKZuYu%252FmGf5wuaO3qQ8
www.biltrewards.com/	1970-01-21 04:09:20	Name: sa-user-id-v2 Value: s%253AmF3rrGL6UPlDxUqw31OCiNly2hU.yQ6XRCEURkXx0yPhzZAL03s6iIeitZnF9Q%252FacRrgxUw
www.biltrewards.com/	1970-01-21 04:09:20	Name: sa-user-id-v3 Value: s%253AAQAKIEk5PelArlFu-eO_xYNe-_o2IH1nxzUUwyAoZqAVxLaFEHwYBCCMiomwBjABOgT7-sM6QgRp8Tvz.w4Dce8bbO6XOk0GVq83k27gVIubOTv%252B1Gmm2PQ%252Fr3jc
.biltrewards.com/	1970-01-21 04:45:20	Name: _tt_enable_cookie Value: 1
.biltrewards.com/	1970-01-21 04:45:20	Name: _ttp Value: Ntb9FSwmLsu7RQq59f52b7cYeiY
.tapad.com/	1970-01-20 20:50:08	Name: TapAd_TS Value: 1711424780500
.tapad.com/	1970-01-20 20:50:08	Name: TapAd_DID Value: 8d7e58b8-0496-417a-a8a0-f85a59e447fa
.tapad.com/	1970-01-20 20:50:08	Name: TapAd_3WAY_SYNCS Value:
.liadm.com/	1970-01-21 04:59:44	Name: lidid Value: 62046992-acc7-4f42-89cd-4f9e9ef0a72b
.biltrewards.com/	1970-01-21 04:09:20	Name: ajs_anonymous_id Value: 9fed8512-dfd8-498e-b089-3a9ea9f84932
.clerk.decagon.ai/	1970-01-20 19:23:46	Name: __cf_bm Value: s.gGM623.2hgEZzWtBLJ.fucWpOrdqM5gaNE7ngrN.E-1711424781-1.0.1.1-3CzaXvG5BZHdOWeWoBM7iU8Euyu1.E.Bh6GsB9nQZNXblXP.m2bUQOjYzgbdONLpjQT0yIevJCpAjigb82294Q
.clerk.decagon.ai/	1969-12-31 23:59:59	Name: _cfuvid Value: AghmYbR4hzTLv5yhFgfsq5YW84L4XUscVgzgVxPaO.c-1711424781689-0.0.1.1-604800000

68 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js Message: Refused to connect to 'https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_7lmxmkme_telemetry' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
security	error	URL: https://www.biltrewards.com/_next/static/chunks/5902-991095c944b75a9f.js Message: Refused to connect to 'https://conversions-config.reddit.com/v1/pixel/error' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://id.biltrewards.com/public/user/authentication/token Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.biltrewards.com/terms?_rsc=acgkz Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js(Line 8) Message: Refused to connect to 'https://analytics.pangle-ads.com/api/v2/pangle_pixel' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.biltrewards.com/terms/bilt-platform-terms-of-use?_rsc=acgkz Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&n3pc=true&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://www.biltrewards.com/ Message: Refused to connect to 'https://rp4.liadm.com/j?se=e30&duid=05e21e9a686e--01hswdvds7j36ss9b81f5bz73c&aid=b-00ri&cd=.biltrewards.com&dtstmp=1711424780219&tv=v2.14.3&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY%3D&pu=https%3A%2F%2Fwww.biltrewards.com%2F&c=PHRpdGxlPkJpbHQgUmV3YXJkczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlR1cm4gcmVudCBwYXltZW50cyBpbnRvIHJld2FyZHMuIEpvaW4gdGhlIG9ubHkgbG95YWx0eSBwcm9ncmFtIHRoYXQgcmV3YXJkcyB5b3UgZm9yIHBheWluZyByZW50IOKAlCBubyBtYXR0ZXIgd2hlcmUgeW91IGxpdmUuIj4' because it violates the following Content Security Policy directive: "connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com".
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/353467326379958?v=2.9.150&r=stable&domain=www.biltrewards.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 87) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.biltrewards.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; child-src 'self'; connect-src 'self' ws: analytics.tiktok.com east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai rp.liadm.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com onlineleasing-dev.related-dev.com:60154 onlineleasing-int.related-dev.com onlineleasing-uat.related-dev.com onlineleasing.related.com openboxsoftware.com openbox-redirect.wiremockapi.cloud .ada.support .analytics.google.com .biltcard.com .biltrewards.com .deviceinfresolver.com .facebook.com .google-analytics.com .googletagmanager.com .segment.io .sentry.io .smooch.io .transcend.io .userway.org .zdassets.com analytics.google.com biltrewards.ada.support biltrewards.zendesk.com cdn.plaid.com cdn.segment.com cognito-identity.us-west-2.amazonaws.com docv-prod-api.alloy.co edge.fullstory.com ipgeolocation.abstractapi.com js.verygoodvault.com js3.verygoodvault.com maps.googleapis.com rs.fullstory.com sdk.iad-05.braze.com snippet.meticulous.ai stats.g.doubleclick.net tr.snapchat.com transcend-cdn.com user-events-v3.s3-accelerate.amazonaws.com vercel.live vgs-collect-keeper.apps.verygood.systems vitals.vercel-insights.com www.air-port-codes.com ; default-src 'self' snippet.meticulous.ai .biltrewards.com cdn.plaid.com www.google.com www.gstatic.com ; font-src 'self' .biltrewards.com cdn.userway.org fonts.googleapis.com ; frame-ancestors 'self' .activebuilding.com .activebuilding.docker .avalonaccess.com .biltrewards.com .securecafe.com avalonaccess.com bilt-qa.framer.website rp.ams-dev-avalonbay.com www.hqo.co www.hqo.com www.hqoapp.com ; frame-src 'self' .biltrewards.com .doubleclick.net .jamsadr.com .soul-cycle.com alloysdk.alloy.co biltrewards.ada.support cdn.plaid.com cdn.userway.org decagon.ai js.verygoodvault.com js3.verygoodvault.com mailto: .soul-cycle.com sync-transcend-cdn.com tr.snapchat.com vercel.live www.datocms-assets.com www.google.com www.googletagmanager.com ; img-src 'self' data: https: east.srv.stackadapt.com eu.srv.stackadapt.com mgln.ai srv.stackadapt.com tags.srv.stackadapt.com tvspix.com uw.srv.stackadapt.com .google-analytics.com .googletagmanager.com ; media-src static.biltrewards.com www.datocms-assets.com stream.mux.com ; object-src 'self' www.datocms-assets.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' b-code.liadm.com cdn.mgln.ai east.srv.stackadapt.com eu.srv.stackadapt.com qvdt3feo.com srv.stackadapt.com tags.srv.stackadapt.com uw.srv.stackadapt.com www.redditstatic.com .doubleclick.net .fullstory.com .googletagmanager.com .oktacdn.com analytics.tiktok.com api.smooch.io cdn.deviceinf.com cdn.plaid.com cdn.refersion.com cdn.segment.com cdn.userway.org cdnjs.cloudflare.com connect.facebook.net decagon.ai fullstory.com js.verygoodvault.com maps.googleapis.com sc-static.net snippet.meticulous.ai static.ada.support static.zdassets.com tr.snapchat.com transcend-cdn.com vercel.live www.google.com www.googleadservices.com www.gstatic.com ; style-src 'self' 'unsafe-inline' east.srv.stackadapt.com tags.srv.stackadapt.com eu.srv.stackadapt.com srv.stackadapt.com uw.srv.stackadapt.com *.biltrewards.com cdn.userway.org transcend-cdn.com ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.tiktok.com
api.userway.org
b-code.liadm.com
biltrewards.com
cdn.deviceinf.com
cdn.mgln.ai
cdn.plaid.com
cdn.segment.com
cdn.userway.org
connect.facebook.net
conversions-config.reddit.com
decagon.ai
edge.fullstory.com
eu.mgln.ai
events.framer.com
flags.biltrewards.com
framerusercontent.com
id.biltrewards.com
mgln.ai
o441793.ingest.sentry.io
pixel.tapad.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rs.fullstory.com
static.biltrewards.com
sync-transcend-cdn.com
tags.srv.stackadapt.com
transcend-cdn.com
tvspix.com
vitals.vercel-insights.com
www.biltrewards.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www2.biltrewards.com
conversions-config.reddit.com
rp4.liadm.com
www.redditstatic.com
108.138.7.11
13.33.187.92
151.101.1.140
172.217.16.130
172.217.16.136
172.217.18.100
172.66.43.60
172.67.136.129
173.222.108.40
2001:4860:4802:32::36
2600:1f14:5db:eb22:9c4:b8ed:e9b8:1e73
2600:1f18:730:b120:fe0b:9d50:54cc:3f2e
2600:9000:2490:8200:d:ada1:a280:93a1
2600:9000:275d:aa00:8:8845:1500:93a1
2606:4700:20::ac43:484f
2606:4700::6812:6f8
2a00:1450:4001:802::2003
2a00:1450:4001:810::2008
2a02:6ea0:c700::10
2a03:2880:f084:105:face:b00c:0:3
2a04:4e42:200::396
3.160.150.114
3.65.91.158
34.110.183.245
34.111.113.62
34.117.79.164
34.120.195.249
34.160.241.76
34.197.103.220
34.251.175.250
35.186.194.58
35.201.112.186
35.241.5.91
44.231.85.219
52.223.52.2
76.76.21.21
76.76.21.61
99.86.8.175
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
0344d881cc333973c5860de042de941d42aa1ab2eba1c6418920fb7e9c1bc46f
052aad9f617143aa4ac1796210fe7d4b591bddfca04b80a52bb44382bf0fcaaa
09cbe8bf5c69cd627906b8da49872816f098d7cfcd314e9088c65e18e8909002
0ca8160a692d2ede5ba928e6b91500ca2e3b41bce9f4da9ac974b7df22f03cfb
0caaed1508f164e113063d5e0e7230d242ce28e70626b810496c46c6bb67501c
0f21a3f784c0a180951483e44e8878606dd7e74c330a40afdcabfd998bd9ed9e
10ed612bf01181f7831121fba1f8755689e77062486ac6f8578eab7403733f82
118582ac1cf7e0f1fd21d342075d79b0efffb67feeb65a8dc519f1dcc17be257
12eb90ba365f5499e5dcca6dfa9e11e5e451e601f20c46d05cacfa45bbe0fa68
138dc998424a6f8f578ae8fe723a4c0d5cf3822795319642f4eeedb6c66a7244
14196431302464b67035d3be26eb7dfb3b18e4d638a369d5ed6b4d4ebb4177b7
16c8ce0020feedc9ba2a4ae6860899e8bce45f1d572e5900063b9fad8568d8a3
16e01cf649348ae4aa10d00073964eb618ddfe12fb19832485fb131dda930f2d
18316abe74ac65f47a5d06b502b51d04cf1e91848379da81bbd7448346f8aba5
188768601044fa9d36f7e8318b53e650a64fb03b28c2b04eb8b99facdadce63e
193f70e3ef4fb576a502cd67546306e9ec798eb04db2cbb8f42e19b719f75fe4
1d6ec88f567df6145ff31cc4f634d8c576965b5572838f97f9de77af6c3d3239
20b99a9ae587853441143a0738df5a9b3d65670ee8bdb500ae802e1564b1b428
2118dd199c07f6a33a106ffd904bf6286602d097d82f26f73035a8dece4adbf6
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697
2b6ffa1fda482766ba9db7607cf480fea2d6e045ea6d629cb1006b1384f43d3b
2f543ba6ad9acd2c8bbd2d094b64fcfc090d026d600591b23e8324fd1d014b42
36fe8d60c96300f39cef881c83445907bb7a1d0f00b71ffaf38916bc08f99585
37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038
38ff9e4f2b2974d39d0461a82ef82680b3b0cf712a0b2ebe5b7bb712c82c1b9f
39e2844db8d5dccd00488dd7d9e1a76ba7d81f7f799e45e56d3bc3728b54ed5a
3a61375e44fd14535935364ba62f844371eb9fb77ad0e4437720086719fa0da7
3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342
3d8d7bae594dd199f2ef12cbebbfcb193e301e7bd987eb0ece6e5102f2beda4c
3e12cb695307b2703bce81c01aaeaf24cf0aa0602c8307458ea4f117719fb6ac
3f7853bd4d6086be63374d96af8f4297718ae35b74698c30e362bf43a1d888a5
409c45f4c5dba51089b142af082a8c9595854b2d225b02996347b00d92d2a95d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ccd0c0f3d7a88ddbae1648ae059a9e2a52540e691a7af0df30e4d3b2292bbc
46aa7c5d65e6da5049fa9e60e8504241f5014ca7e8a633c7d6905c576ec21145
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4b0bb6d8a058a42f5caa03df8bb35b72fed5a1987f6e10602ceb384ddb10d41a
4c64c0418bf3e7b1432b463691b4134b83ab6e4d459deebfb7a6e9df4d9e1c29
4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7
4dd34f61aca89d6bc803b2bd3feb6a97b9be91c52dc7cfb6bf64971b08b3f83a
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
4f452334c46c15d7198eb2155a3ec0d93ee81b7d1dfaaee86fe67532299b4f7c
500ba18736d9e2fc79546b0f1ff540b8d022a0405718c9c460e6da300f18f7d3
52c2f4e7ae21624ef4ca9b38c4b0bd703fc2b6255167fa088377c0656530486b
52ea1136d79c3a7ebe4f345fdec565e4bac855aeb6ae4dafb54b7b7f29edb881
5301795a6b41d47880c38848382c017bf424c9d840f8509dd1bd32df4c12afab
53705bf478d47132963db34c4b8e919ef343eed76cf82d16532aa3c3342ed27b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ed889bf113761a49404e292b16e419e8c1a1e290f0afa86e46f9aa519197f9
58888f87f259719b4e4c83c062290f5828decd4b761e775b122fa0dd47783441
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
5ac1c77c992ddf5093ee99f3128e769ce4e854e31d63a45a5c229fa012f3d27b
5d9df2764c7d56ded13faf14e7235e19ae3232be0f54e8ddd60ed76e6339f3af
5e5037129f05b5364a856cbc1a8bfbbaad20aeca2fe2c43d8590a856c753d485
5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312
605070c44d16a9e391ed4c68a3e48dd0efd48f7939cfa088916f39bd18feaa0f
6162a259efcc903ece88a8301a46b44e3a77c220b3752c01eb02caa0af358870
6453508d032caa771b0ddd00791fba5b71ddfc35cf4bb4d5f5cde5996a9c8111
68a8026ffb1fc504b9ec92727aaaca5bf81ff7358a11efbf89614b18e21315b1
6a0f26587ad58ce7c24e5bfc71c13653e49cd8525604a3faa6595d7fd20c40ba
6ba51e661ea99d73f18d67c0759bdfa54b3c409cab8308cccb0b4e94e6750ce5
6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e
705cb58b6d8f249a2e6561f5f26c5c8215ccbbed4f6999b58a177b51ba973e0b
7381dabfeed2ef218e9ddb83a50ff19577e03e6c0c067d0f2e7f53d8496e531d
76d2ff093e6915059cf45b5a51b88ccd5e79c038e42ecd2cf5817403b6c52cd2
76eb6e919e16fb2d7f371bc82268e202723b5d022aea7ad97c6b43dfaa115a33
79ccbd0e8a92a156846969b08bbcb223f9b6052138c1a08c94bea40422ff150d
7ac3cd56eadcd424cbadfd038defd683d1c72bf1ddaae70b3c643401f088a880
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7e9a6836b171f4587dd193f71510537bae99c29c96f5b72ae0882d524c8c64e7
7fe49fbb635916cad080c5daf71c3497881aceca76fc71b300c426ca3193dece
84699ac3ebafd533bb69251643067471aa56ed453a127636e8708311edc145ad
85f5de4dc60ee136c7f141c4999ed8ab88b9bf0aed3a5806f9cbc4283a901b0f
8b2bceb15f2fac51a49b570f0acd48428b768f40b01e38f0bcb9c3d99de0d840
8eed86611e7aac5260397f393133a620406e61bdd845dec141b66fe376003031
8f0120e0189536f077e550f982fe1487fa021c0665295cc93095ebc50a872926
8fac5963cf08bccb52ed83675b4ab217e5c9dcf28d37f50f9b0f023fc0a9b783
9182e5785106498f498602328fe7137d757143fcf66ff2f263ac75f3ca54d7e2
926667709735abc354694cafe5a6f921534e361a9a44fa1fb553a09a6f934d68
952562069eacee02ee155b3de4906103a16bfa1100d12f1381185c1fa5b8520c
9675f2c47b2cbc7dbce3ed06cc60e88f36f3915dc9472c86c9d0e7b37fe17488
990fba98068c77b0616f1d04a1df3ae1e0b6a0fe19809beb34864ab99044ba78
9ba48794b55ef4e4a86b321ac15c7e29fe0b820b9c6cf851cc8a3f203e73deea
9e16d83a2c1724e2cbfd819c46e35e26b7911de8678342fc0d6a00e277764306
9fe95b7e414e5f46bdf1dfabb4524b3118218f899144687b8e91073772c354c9
9fff2bb0ae4e7b8399d2af77253fecd38540f21fbd2e5899f1459eec325a4cca
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a6d07ea42c45d0cc8a159fdd03d06ea4428767f9d578347a75c2c79bec3293ac
a935b85e486d01cfd4d6367d1fa1cab1ae49196644c492860878cf959e332633
aa4ddb0e0c3bda5d6e61d56a544a7ff9ea3691eaa5126187daa6ed1875ba93e7
aa7e5710bb56a4258eb388056db9b80ff99fe7cd0c9f2afc3c450a8513cb29f3
ab32bc58349446cd3c8761af45640b13ed01073a6553e5779a9b03852d591ca4
ab6c7fe241de4b6bac4a005db3753fa9608a1abfba9c5992e7dec7ba9c06f770
adf88ed82bd50c4a79b68503bc223b7dec53ac990a45aa2ca91b798618c05f26
ae3cd625206f3b22398ce3e5ffcc22c2a6ff95a535e7c4addbfb7e7e2d146ace
ae4626d73dba7dc3c0bf84b05554f94e85940e53bf06dacfe25d8b71455bc3d1
af6eba57bf2517abf6514c8efc984691780db40d0468f1bf9e4d1f8687d0f3ec
b02546b57554da630a4827a7755b1f72d22374513f811dc0590ebe942758cbfa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b220223a8800d05dc359ab6bd8cb71e35cf06dde9bedc2f5d9014df3b1e4e1ac
b2e3f16ae511e86bb8f35bedc5ec535f6db1a240e256ea032e0d295ec9231d06
b3c03f17029f497fe1bf6a3444a93bd564779b9258ca4afa85f652f74b2b2c7d
b68d680fe22c79281c483a6cff939bfb690bd8154752a75e1c0466e0826ff4dc
b758c20d70f6b20fa85f31c23b9dea1ad5551a1cfd9ed56485c63cc592b2a15b
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
bb86d91e3b389c31862f4b8bf4751da190f0cf386e9c1af4b193fb7f36754733
bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb
bd74db3897814eea3855e048e8896dfd9afa3cf6b76df3a85c8b897d3cd502f9
bdb43885d32a665b4f99e3d26c33b12b678b29bc634a5f40039532177074a016
c04daf4d84b602e33cd55244de90765807629d32b9bec66402b61bbc9666995c
c2f14ac6aa2d1007f23dbc8cd5535ae456550e6b6cec1114a60d56610e526861
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c519dbc1262e2eae86cad5d0fed1b32d1e68e77c6bef3088b6cd0dd3fbf00635
c5a117528329738aff06f1a4fa77201064d66c403b2bf7cc1724d4a3b957cecf
c5b3b178dc8df3767511096744a36ee3edcee7ed62be5f8504244e6b70cf7398
c6766c0023287016eb2dbee6bd49a65ef0c93ea42c16aaac58baecfea71ae49d
ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d
cc4e37d9baf9b5931e355841de300fdb470ce47b75695eb0bca2ba6766dc54cc
cf864361a24b9afe094f76d502d804e878318535e9479c428babec04f792bb76
d065eff191539c5a5e24a3a4f1bb8ff55a32c7701e34d57ae8b49ca555bdeb31
d0d7f1099e8a38877c4481bd8b9d4a85f48aa2018c43e03bc4859849ea7887c5
d2086fef391221a13d759836370ef5bae70c15e1389eb6504dc3a31c987e0a88
d2e7974e58a34293fe1a5e5ca4f9525bf35ff509b98d2b7aebe50d7a6f57d718
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d5781b6843de18ff323984b25323f02a17ccbd6d984ea170e8f0f290272031bb
d73a6fb16be01ec82a5742ccc4f5f771276aa0b1f6f793d96296642ddf15233e
d85f6d8aada92f5096c64f8f75a1fb737ead4bb8b8f7f905dc8012ff17a2b16b
da70c773cd3a8d489bad7c03fb89b63053843aa52c0545749df089a08e64f78f
db8dee9ad499fb9b623de94c004b284d5529c842c2822340d4ad2f2f8f44968c
db9c28d70f03728ad94c11d34cea446ed992aaa6167344d3eb362379f7fdaaf0
dc9d99b4069719085cc1a67a93350f47b0d97185bc95c4afc509b917ca2a5ee8
dd70f11defb6813d738ec19081b31f76cc578f49db6b783142268c28a2182758
de8f2ac57087767409b0bb4025e88c1ebb0fd18e0e73144e4ac15997f3350821
e2ca97016a5c7173d0d465ace4fc7994c40cf59af44d0c63a2c72c4c6d35c905
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99
e7d6db02d371f6199fcd30f7d43ae8625d25137986906c8e44c522ba999f60d8
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
ea9ed2f612e41fcd700060fad5eff94165c56fb549e6334173177b4a540a5a9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066807b17348a537404044b05d4a9ef19507b9f3f1da220202e83f84d9b36e0
f422f925915513f143a6eee36301ae4d38627dc7007c51abd711e6b5baeb1f04
f451ccd1b82076cdf339b4c512eb3363a898c580776fe8e2a4242ffea352b4a1
f72d0a5af37884e1b1b98c1d843591b5618a80cab198ce8e85cf4131dfde5524
f87a3392313500de980b01445d72f2f7e95bc0d26d5f938bb2f1a7ab569caf98
fa10a41a8fd89e1784da2ae09f9d4f1cee48e98161e3ab35ec20cd9e2d9fba47
fa7e514331c85e2bff2ab629fc901146eaec70a8fbfd84ee6dc9242dbb9d0030
fea3a6970ec3a1d6d7ec8758981775414b0e44667ba41be37aceca4c8b4bfe52
fec8ecde0a3753bfd77b25f5aeffaaf8ef41f0744d77e2f32d5e46eab1a04a42
ff54e9b2209db7e90df95ee8523a1176d4c14d06b413cc817dfbbda6d64a03e1
ff65c7581b6b14184d2d6ab9ebe9416b06fcbb86c3a7a32ca30b3bc7871256a4

www.biltrewards.com Open in urlscan Pro 76.76.21.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

96 %HTTPS

32 %IPv6

27 Domains

39 Subdomains

36 IPs

4 Countries

7538 kBTransfer

17020 kBSize

28 Cookies

11 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.biltrewards.com Open in urlscan Pro
76.76.21.61 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

96 %
HTTPS

32 %
IPv6

27
Domains

39
Subdomains

36
IPs

4
Countries

7538 kB
Transfer

17020 kB
Size

28
Cookies

256 HTTP transactions
22 data transactions