www.usarewardspot.com

Summary

This website contacted 4 IPs in 1 countries across 6 domains to perform 5 HTTP transactions. The main IP is 2606:4700:30::681c:bfc, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.usarewardspot.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 25th 2018. Valid for: a year.

This is the only time www.usarewardspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.6.184.170 52.6.184.170	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 3	206.214.78.132 206.214.78.132	62904 (EONIX-COM...) (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation)
1 1	52.70.249.238 52.70.249.238	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 3	2606:4700:30:... 2606:4700:30::681f:5d45	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3 4	2606:4700::68... 2606:4700::6811:ec32	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681c:bfc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	4

1 52.6.184.170 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-6-184-170.compute-1.amazonaws.com

track.jobtrkr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 206.214.78.132 (Henderson, United States) 1 redirects

ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US)

jasminepaludal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.249.238 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-70-249-238.compute-1.amazonaws.com

c.spnccrzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:30::681f:5d45 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.surveysandpromotionsusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:ec32 (United States) 3 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.amarktflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:bfc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.usarewardspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	amarktflow.com 3 redirects www.amarktflow.com	6 KB
3	surveysandpromotionsusa.com 2 redirects www.surveysandpromotionsusa.com	8 KB
3	jasminepaludal.com 1 redirects jasminepaludal.com	114 KB
1	usarewardspot.com www.usarewardspot.com	9 KB
1	spnccrzone.com 1 redirects c.spnccrzone.com	2 KB
1	jobtrkr.com 1 redirects track.jobtrkr.com	426 B
5	6

	Domain	Requested by
4	www.amarktflow.com	3 redirects www.surveysandpromotionsusa.com
3	www.surveysandpromotionsusa.com	2 redirects jasminepaludal.com
3	jasminepaludal.com	1 redirects jasminepaludal.com
1	www.usarewardspot.com	www.amarktflow.com
1	c.spnccrzone.com	1 redirects
1	track.jobtrkr.com	1 redirects
5	6

This site contains links to these domains. Also see Links.

Domain
tempestsw.com
www.cloudflare.com

Subject Issuer	Validity	Valid
sni205923.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-02-04` - `2019-08-13`	6 months	crt.sh
ssl385335.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-27` - `2019-04-05`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-10-25` - `2019-10-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.usarewardspot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False
Frame ID: A80C4958AE5D3CA61E9A4A0440C6F3DB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://track.jobtrkr.com/?xtl=116w7n4vtvax21af8c4ukiwazdg82htbm9bqsm5taqwutr9cz77or6ii5xk790yit16udwh... HTTP 302
http://jasminepaludal.com/clicks?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4= HTTP 301
http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4= Page URL
http://c.spnccrzone.com/?r3x=bsUdeQUN9OFDVDft1wOUGs%2fdfoNou2cu-B3CPMOFeN%2fc%3d&s1=201386&s2=NzU4ZT... HTTP 302
https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=2051... Page URL
https://www.surveysandpromotionsusa.com/cdn-cgi/l/chk_jschl?s=e4023624d6ed8b6d862a73539f0deb6932ba2c39-1550590330-18... HTTP 302
https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=2051... HTTP 302
https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26re... Page URL
https://www.amarktflow.com/cdn-cgi/l/chk_jschl?s=81660755b87960d70bd883d3a64e3f4f6b1baa28-1550590334-18... HTTP 302
https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26re... HTTP 302
https://www.amarktflow.com/default.aspx?Flow=c55c9d6f-e3b3-444e-8336-01fa5764e0a1&&PubSrc=%26PubSrc%3D%... HTTP 302
https://www.usarewardspot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26Pu... Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

5
Requests

60 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

4
IPs

1
Countries

135 kB
Transfer

133 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://tempestsw.com/nightingalesguilt.php?c=0
Title: table

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/5xx-error-landing?utm_source=iuam
Title: DDoS protection by Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://track.jobtrkr.com/?xtl=116w7n4vtvax21af8c4ukiwazdg82htbm9bqsm5taqwutr9cz77or6ii5xk790yit16udwhxp0a4ik78angbr51bxt7p6egx1cfgljserfe3edx5im3cvlqxixaalfm671wd6aqhc3t3vu983tib96chjnp7ffutnthjnuguwxpckg4owypdv2f88oj9d&eih=lwf65cihufj0wrwusphht3fa9cnjennl HTTP 302
http://jasminepaludal.com/clicks?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4= HTTP 301
http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4= Page URL
http://c.spnccrzone.com/?r3x=bsUdeQUN9OFDVDft1wOUGs%2fdfoNou2cu-B3CPMOFeN%2fc%3d&s1=201386&s2=NzU4ZTVhOTVkMjNlNDg5OGEyNTk3NmRkYTM1NGY2NTQ&s3= HTTP 302
https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID= Page URL
https://www.surveysandpromotionsusa.com/cdn-cgi/l/chk_jschl?s=e4023624d6ed8b6d862a73539f0deb6932ba2c39-1550590330-1800-AdVt%2FdsOFfLJBXZFJjGKN2ye9Zd3qnHsvBV0Sp86l7xMz78IxBvgxRflJn2l0LT61j8SMzKEGVpEqrOK5giksnk6wC4X91eL5OpOpFGFDT5u&jschl_vc=e5852421fbe74ddf53cf38a1f2c4ed0d&pass=1550590334.363-iRvgJvGdJA&jschl_answer=35.4842990155 HTTP 302
https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID= HTTP 302
https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False Page URL
https://www.amarktflow.com/cdn-cgi/l/chk_jschl?s=81660755b87960d70bd883d3a64e3f4f6b1baa28-1550590334-1800-AeqZGUweTdQ0BRp8Z19n0ZGfpQwABYhy7JVIz2pBgQKwfQj06VZ%2B3dRRG6wWtAd2ezkhzq4OCz0Or4HcjdnFDBGOeRSYiEvCqcZvxXOtldmm&jschl_vc=83960ea58f1375c87e886c616cdfcedf&pass=1550590338.692-IIUSVg184v&jschl_answer=17.2294775759 HTTP 302
https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False HTTP 302
https://www.amarktflow.com/default.aspx?Flow=c55c9d6f-e3b3-444e-8336-01fa5764e0a1&&PubSrc=%26PubSrc%3D%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False HTTP 302
https://www.usarewardspot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://track.jobtrkr.com/?xtl=116w7n4vtvax21af8c4ukiwazdg82htbm9bqsm5taqwutr9cz77or6ii5xk790yit16udwhxp0a4ik78angbr51bxt7p6egx1cfgljserfe3edx5im3cvlqxixaalfm671wd6aqhc3t3vu983tib96chjnp7ffutnthjnuguwxpckg4owypdv2f88oj9d&eih=lwf65cihufj0wrwusphht3fa9cnjennl HTTP 302
http://jasminepaludal.com/clicks?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4= HTTP 301
http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=

Request Chain 2

http://c.spnccrzone.com/?r3x=bsUdeQUN9OFDVDft1wOUGs%2fdfoNou2cu-B3CPMOFeN%2fc%3d&s1=201386&s2=NzU4ZTVhOTVkMjNlNDg5OGEyNTk3NmRkYTM1NGY2NTQ&s3= HTTP 302
https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=

Request Chain 3

https://www.surveysandpromotionsusa.com/cdn-cgi/l/chk_jschl?s=e4023624d6ed8b6d862a73539f0deb6932ba2c39-1550590330-1800-AdVt%2FdsOFfLJBXZFJjGKN2ye9Zd3qnHsvBV0Sp86l7xMz78IxBvgxRflJn2l0LT61j8SMzKEGVpEqrOK5giksnk6wC4X91eL5OpOpFGFDT5u&jschl_vc=e5852421fbe74ddf53cf38a1f2c4ed0d&pass=1550590334.363-iRvgJvGdJA&jschl_answer=35.4842990155 HTTP 302
https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID= HTTP 302
https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
jasminepaludal.com/clicks/
Redirect Chain

http://track.jobtrkr.com/?xtl=116w7n4vtvax21af8c4ukiwazdg82htbm9bqsm5taqwutr9cz77or6ii5xk790yit16udwhxp0a4ik78angbr51bxt7p6egx1cfgljserfe3edx5im3cvlqxixaalfm671wd6aqhc3t3vu983tib96chjnp7ffutnthjnug...
http://jasminepaludal.com/clicks?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=
http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=

113 KB
113 KB

295ms
132ms

Document
text/html

206.214.78.132
Eonix Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 206.214.78.132 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d6cfffa3140632df63d3fb8beb6ed438bfc79cf8b5f11e1b7de9d9a6811c518f

Request headers

Host: jasminepaludal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Feb 2019 15:32:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 19 Feb 2019 15:32:08 GMT
Server: Apache/2.2.15 (CentOS)
Location: http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=
Content-Length: 390
Connection: close
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 200
OK index.php
jasminepaludal.com/clicks/ 228 B
421 B 490ms
339ms XHR
text/html 206.214.78.132
Eonix Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://jasminepaludal.com/clicks/index.php
Requested by: Host: jasminepaludal.com
URL: http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 206.214.78.132 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Pragma: no-cache
Origin: http://jasminepaludal.com
Accept-Encoding: gzip, deflate
Host: jasminepaludal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=
Connection: keep-alive
Content-Length: 533
Referer: http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=
Origin: http://jasminepaludal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 19 Feb 2019 15:32:09 GMT
Server: Apache/2.2.15 (CentOS)
Connection: close
X-Powered-By: PHP/5.3.3
Content-Length: 228
Content-Type: text/html; charset=UTF-8

GET
H2

503

/ Show response
www.surveysandpromotionsusa.com/
Redirect Chain

http://c.spnccrzone.com/?r3x=bsUdeQUN9OFDVDft1wOUGs%2fdfoNou2cu-B3CPMOFeN%2fc%3d&s1=201386&s2=NzU4ZTVhOTVkMjNlNDg5OGEyNTk3NmRkYTM1NGY2NTQ&s3=
https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=

7 KB
7 KB

96ms
15ms

Document
text/html

2606:4700:30::681f:5d45
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=

Requested by

Host: jasminepaludal.com
URL: http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5d45 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b7cbe3f4a6c65040891e31808078dc39102fd4e78d027578653b6b22ac60d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.surveysandpromotionsusa.com
:scheme: https
:path: /?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://jasminepaludal.com/clicks/?cid=22953&pub=201386&sid1=&sid2=&sid3=&sid4=

Response headers

status: 503
date: Tue, 19 Feb 2019 15:32:10 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
set-cookie: __cfduid=d50d5f0883dbe6256277f5a054d2739af1550590330; expires=Wed, 19-Feb-20 15:32:10 GMT; path=/; domain=.surveysandpromotionsusa.com; HttpOnly
cache-control: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4ab9c8dcb90963a3-FRA

Redirect headers

Date: Tue, 19 Feb 2019 15:32:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 245
Location: https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=
Set-Cookie: trk=6pudo0hMmDMW1xTgV29l9b4rOuAZM0AOZcPYYt2oWcRwNZgYXFiMreoDeGmXYTsJ9InRvJObzOQ=; Domain=.spnccrzone.com; Expires=Thu, 18 Feb 2021 15:32:10 GMT; HttpOnly sid=6pudo0hMmDMW1xTgV29l9dpR/XCU5RuLZcPYYt2oWcQW+4r6XlX4JOoDeGmXYTsJlgDJwpjxrOw=; Domain=.spnccrzone.com; HttpOnly x205101=kq8KfNEFKeTKZ8UoTuR3BprJ4ahyLFNS4VtQmHm5GnzbcvzYV7cvmPlT5e4x3ANK7j//AKI2fMgOnCZYrvgdoa2FOC6CWb9b1gFIToxVf08RLJF8/T/q4iTNmNS3Mb03jgiJuFSX+qSkhTEh9Mfvv/6aOtaSEN041V4y8eSpAoD47iDeVbdunMXy2kBK5MyXXuof5qPscNaA83P7UVxUpFllW21GMKzsVnsBz22QcO7g2BUoEvCUU4V8mf2uGLJZ4aKIZ2aYpE/GPoLxQRI/tSN2mh0eudZENPQTHrsO59B/dm4zguaSV+Ok/P+GA496qNohGt/4PANox3xcW+NstFLXAEEtKtWjKYYMPlBKv2+N2WMimcLtWDdfznFCJkSQxCBL/42Bsh1mJAMPDygFUcxCNLM6FUofZctKR+5LwlBdoBADuNRr2M60fQaugerdKl4pt+I7n2snQovCLTFL/Q4q8JRZJ26CoZ88XJUSKTSEdhJsMcQA+lbF7UUcQ8QS1Xyj8GKeaOc1QsZt4xvTbpARqykm5P9Dc09ujMPpCNMnsaw+9lSLNcEhfZfGhi3xNPKmB5dPBqYZGojiTKXLulb5vFeN//C9sDhbxdWQrl0OrRANNs59QAXwkyI6ql8kl6IAYJ310GQyfQ6azMKHelhrfoIkc7pSmvjY8UZc8q66bVDfs2QBj0EBFKmJ73vLvPv4qlQ6qen8JXL5hQ/B5THuHpVoTKfLgjvrymyTiKq8JzO5UwAsfl8kP3SnGCD+Xd+IAX6jN4loA6BhD7d+ndDQj1C7vFrcjQPqtDrTEOsQXzIN0uPpwJU1+Vofi/TJcA6/cVW8L6+Gs4DmGZNJ352M1T60lA+rznCdF0y+HT9QDM3hbW1Ath6o7yFnj9f/XoUQMypBkcbtBLS3UHSKjdDQj1C7vFrcC0XFBr6RuwFnEe7NAdJJ9+J9D9mCUl1J96q2pgOXnHM=; Domain=.spnccrzone.com; Expires=Thu, 21 Mar 2019 15:32:10 GMT; HttpOnly
X-Ckt: bhm22ukuue5dqr8prsgg
X-Ray: bhm22ukuue5dqr8prs9g

GET
H2

503

default.aspx Show response
www.amarktflow.com/
Redirect Chain

https://www.surveysandpromotionsusa.com/cdn-cgi/l/chk_jschl?s=e4023624d6ed8b6d862a73539f0deb6932ba2c39-1550590330-1800-AdVt%2FdsOFfLJBXZFJjGKN2ye9Zd3qnHsvBV0Sp86l7xMz78IxBvgxRflJn2l0LT61j8SMzKEGVpE...
https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=
https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDon...

5 KB
5 KB

75ms
12ms

Document
text/html

2606:4700::6811:ec32
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False

Requested by

Host: www.surveysandpromotionsusa.com
URL: https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:ec32 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

36db481e839b8bb0920684cfd1a27b3a98ebf06b9f4443853dc5ffcef85cbb7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.amarktflow.com
:scheme: https
:path: /default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.surveysandpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=amzgc&o=205101&subaff1=201386&subaff2=196712&subaff3=95104&subaff4=Amazon100CPA2&DVID=

Response headers

status: 503
date: Tue, 19 Feb 2019 15:32:14 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
set-cookie: __cfduid=d19d22f54a6082fc873f05b04706355c61550590334; expires=Wed, 19-Feb-20 15:32:14 GMT; path=/; domain=.amarktflow.com; HttpOnly
cache-control: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4ab9c8f7ce0f64f3-FRA

Redirect headers

status: 302
date: Tue, 19 Feb 2019 15:32:14 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False
set-cookie: ASP.NET_SessionId=rwgez3mloeoq0dd4bn55zcce; path=/; HttpOnly AF3_Cookie=; expires=Wed, 19-Feb-2020 15:32:14 GMT; path=/
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ab9c8f609ab63a3-FRA

GET
H2

503

Primary Request default.aspx Show response
www.usarewardspot.com/
Redirect Chain

https://www.amarktflow.com/cdn-cgi/l/chk_jschl?s=81660755b87960d70bd883d3a64e3f4f6b1baa28-1550590334-1800-AeqZGUweTdQ0BRp8Z19n0ZGfpQwABYhy7JVIz2pBgQKwfQj06VZ%2B3dRRG6wWtAd2ezkhzq4OCz0Or4HcjdnFDBGOe...
https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDon...
https://www.amarktflow.com/default.aspx?Flow=c55c9d6f-e3b3-444e-8336-01fa5764e0a1&&PubSrc=%26PubSrc%3D%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isUL...
https://www.usarewardspot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&...

8 KB
9 KB

70ms
10ms

Document
text/html

2606:4700:30::681c:bfc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usarewardspot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False

Requested by

Host: www.amarktflow.com
URL: https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:bfc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60d0152e1b1d5df92b10b36bb0c29b00e2513fc3ed497dbb0043d9dea40a2f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.usarewardspot.com
:scheme: https
:path: /default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False

Response headers

status: 503
date: Tue, 19 Feb 2019 15:32:19 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
set-cookie: __cfduid=de3fbd9b0949a2c7df19dcb52920c1ab61550590339; expires=Wed, 19-Feb-20 15:32:19 GMT; path=/; domain=.usarewardspot.com; HttpOnly
cache-control: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4ab9c913ea956439-FRA

Redirect headers

status: 302
date: Tue, 19 Feb 2019 15:32:19 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: https://www.usarewardspot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26reward%3Damzgc%26o%3D205101&SubAff=201386_196712_95104_Amazon100CPA2&isUserLookUp=False&isULUDone=False
x-aspnet-version: 4.0.30319
set-cookie: AF3_Cookie=; expires=Wed, 19-Feb-2020 15:32:19 GMT; path=/
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ab9c912281264f3-FRA

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.usarewardspot.com/	1970-01-19 07:28:46	Name: __cfduid Value: de3fbd9b0949a2c7df19dcb52920c1ab61550590339

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.spnccrzone.com
jasminepaludal.com
track.jobtrkr.com
www.amarktflow.com
www.surveysandpromotionsusa.com
www.usarewardspot.com
206.214.78.132
2606:4700:30::681c:bfc
2606:4700:30::681f:5d45
2606:4700::6811:ec32
52.6.184.170
52.70.249.238
36db481e839b8bb0920684cfd1a27b3a98ebf06b9f4443853dc5ffcef85cbb7b
b6b7cbe3f4a6c65040891e31808078dc39102fd4e78d027578653b6b22ac60d5
d6cfffa3140632df63d3fb8beb6ed438bfc79cf8b5f11e1b7de9d9a6811c518f
e60d0152e1b1d5df92b10b36bb0c29b00e2513fc3ed497dbb0043d9dea40a2f3

www.usarewardspot.com Open in urlscan Pro 2606:4700:30::681c:bfc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

60 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

4 IPs

1 Countries

135 kBTransfer

133 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Indicators

www.usarewardspot.com Open in urlscan Pro
2606:4700:30::681c:bfc Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

4
IPs

1
Countries

135 kB
Transfer

133 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions