pointrewardshops.com Open in urlscan Pro
82.118.242.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hostileqzhundred.com/#0ltLMwu
Effective URL:
https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Submission: On September 15 via manual (September 15th 2021, 12:36:30 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 82.118.242.231, located in Bulgaria and belongs to VERDINA, BZ. The main domain is pointrewardshops.com.
TLS certificate: Issued by R3 on September 3rd 2021. Valid for: 3 months.

This is the only time pointrewardshops.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.131.48 172.67.131.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	82.118.242.231 82.118.242.231	201133 (VERDINA) (VERDINA)
3	104.18.225.52 104.18.225.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.216.101 172.67.216.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.40.62 172.66.40.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.229.133.208 192.229.133.208	15133 (EDGECAST) (EDGECAST)
17	6

2 172.67.131.48 (United States)

ASN13335 (CLOUDFLARENET, US)

hostileqzhundred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 82.118.242.231 (Bulgaria) 1 redirects

ASN201133 (VERDINA, BZ)

pointrewardshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.225.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.216.101 (United States)

ASN13335 (CLOUDFLARENET, US)

api.md2syzz.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.62 (United States)

ASN13335 (CLOUDFLARENET, US)

kowboykittens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.133.208 (United States)

ASN15133 (EDGECAST, US)

v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	pointrewardshops.com 1 redirects pointrewardshops.com	180 KB
3	fastcdn.co v.fastcdn.co	501 KB
3	onesignal.com cdn.onesignal.com onesignal.com	73 KB
2	md2syzz.info api.md2syzz.info	3 KB
2	hostileqzhundred.com hostileqzhundred.com	4 KB
1	kowboykittens.com kowboykittens.com	929 B
17	6

	Domain	Requested by
7	pointrewardshops.com	1 redirects hostileqzhundred.com pointrewardshops.com
3	v.fastcdn.co	pointrewardshops.com
2	api.md2syzz.info	pointrewardshops.com api.md2syzz.info
2	cdn.onesignal.com	pointrewardshops.com cdn.onesignal.com
2	hostileqzhundred.com	hostileqzhundred.com
1	onesignal.com	cdn.onesignal.com
1	kowboykittens.com	pointrewardshops.com
17	7

This site contains no links.

Subject Issuer	Validity	Valid
pointrewardshops.com R3	`2021-09-03` - `2021-12-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
v.fastcdn.co DigiCert TLS RSA SHA256 2020 CA1	`2021-05-11` - `2022-05-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Frame ID: F603B9AB884B9B6E869BC9F96C22E14D
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reward

Page URL History Show full URLs

http://hostileqzhundred.com/ Page URL
http://hostileqzhundred.com/0ltLMwu Page URL
https://pointrewardshops.com/rewards?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s... HTTP 301
https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

88 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

760 kB
Transfer

1051 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hostileqzhundred.com/ Page URL
http://hostileqzhundred.com/0ltLMwu Page URL
https://pointrewardshops.com/rewards?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175 HTTP 301
https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
hostileqzhundred.com/ 769 B
2 KB 376ms
352ms Document
text/html 172.67.131.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://hostileqzhundred.com/?

Protocol

HTTP/1.1

Server

172.67.131.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: hostileqzhundred.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 15 Sep 2021 12:36:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
cache-control: no-cache
set-cookie: XSRF-TOKEN=eyJpdiI6IkVtVm5GSHdoUm85V09leGFabVZ4TUE9PSIsInZhbHVlIjoiQXdHWUF6SmtzSURnQ0ZPdmlzR1dWeHBnZm9mS2dvRlVPYktyandJeExUbGhhM1wvNjR3RjVMaDBFQ08yN3Mzb1JIUlRpUE9pRlJjZ2NCbFdtUndwMGtRPT0iLCJtYWMiOiIzMDQ1ODBiMGNjYTMxZTE0N2Y4MThiMjE2OTM4MmZmOGZhOWU0YmY4MjMxYzk2ZTFiMmM4YmEzMTk2MWMxYjExIn0%3D; expires=Wed, 15-Sep-2021 14:36:23 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6InM3MHJtcUVsR0JaTUEwdDk3WDNNMVE9PSIsInZhbHVlIjoiaGhHR2VuWjVlSWFoeGg0R2V3T1Q2VXhiQnhvRGNDbDIwdHloWFRBQkdcL3l5ckpZQzROMnZJVXNUbFllaXFJZFwvaGkzVlNaeDRCdXdycjN0dUFleHVQZz09IiwibWFjIjoiNzhhOWU5NDFkOGQxYjdkMzE3OTI4YTllZTJhMDFjNjJkZjZhMTY0MzFlNGQ2NzUyM2E0M2U3NzdmMDRmZTIyMSJ9; expires=Wed, 15-Sep-2021 14:36:23 GMT; Max-Age=7200; path=/; HttpOnly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHN5dmqUcTcu6SbmnKAP5E4zdEK%2B%2FZS%2FJnvlJ5YVirCUvRvD%2FiDt2bA58voncaJ5uYbY70pZ76mPA4xasUI7T9MTvQmnkkZhipK3for2lU4rOdyc8a%2BNPzdSPzM3xtTgLnjZaa9xbg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68f1e67eb959690f-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK 0ltLMwu
hostileqzhundred.com/ 641 B
2 KB 1004ms
1004ms Document
text/html 172.67.131.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://hostileqzhundred.com/0ltLMwu

Requested by

Host: hostileqzhundred.com
URL: http://hostileqzhundred.com/?

Protocol

HTTP/1.1

Server

172.67.131.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: hostileqzhundred.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://hostileqzhundred.com/?
Accept-Encoding: gzip, deflate
Cookie: XSRF-TOKEN=eyJpdiI6IkVtVm5GSHdoUm85V09leGFabVZ4TUE9PSIsInZhbHVlIjoiQXdHWUF6SmtzSURnQ0ZPdmlzR1dWeHBnZm9mS2dvRlVPYktyandJeExUbGhhM1wvNjR3RjVMaDBFQ08yN3Mzb1JIUlRpUE9pRlJjZ2NCbFdtUndwMGtRPT0iLCJtYWMiOiIzMDQ1ODBiMGNjYTMxZTE0N2Y4MThiMjE2OTM4MmZmOGZhOWU0YmY4MjMxYzk2ZTFiMmM4YmEzMTk2MWMxYjExIn0%3D; laravel_session=eyJpdiI6InM3MHJtcUVsR0JaTUEwdDk3WDNNMVE9PSIsInZhbHVlIjoiaGhHR2VuWjVlSWFoeGg0R2V3T1Q2VXhiQnhvRGNDbDIwdHloWFRBQkdcL3l5ckpZQzROMnZJVXNUbFllaXFJZFwvaGkzVlNaeDRCdXdycjN0dUFleHVQZz09IiwibWFjIjoiNzhhOWU5NDFkOGQxYjdkMzE3OTI4YTllZTJhMDFjNjJkZjZhMTY0MzFlNGQ2NzUyM2E0M2U3NzdmMDRmZTIyMSJ9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://hostileqzhundred.com/?

Response headers

Date: Wed, 15 Sep 2021 12:36:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
cache-control: no-cache
set-cookie: XSRF-TOKEN=eyJpdiI6IkwrMlRnVUxoTlpqNDZCYzBSbHhNTHc9PSIsInZhbHVlIjoibG85RStZenh2bjRkRkU2eStnN2pYNVkraWZpSWI5OVNzSzJzNkY2STRCeVp3XC9OMG1HQ2Z6UDNoVVhwR0NENVdZdk5xa2V5cHhUNzM0V0x6Q21hWkFBPT0iLCJtYWMiOiI1MTBkNTlkNGI4MzRjMTkzMDExNWIwYTdlMzM2MTJjOWEyOTk5NWQ1YjJmNTMyMGQ5NWM2N2QyYjgxMzAxY2FmIn0%3D; expires=Wed, 15-Sep-2021 14:36:24 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Im9NZVwvOHdzRStlYUMzcnlHZllLZXd3PT0iLCJ2YWx1ZSI6Ilk0TlMwaFFcL2pZdUdIQkRSSXQwZEYwbmcrUDZiTW5LS3JiZFBMYXlZYnFQZCt4TkRjdHE5M0RXd0VaaVg2TlVLNnYzQVRXckZkZFFHXC9SMmtmVmhVOEE9PSIsIm1hYyI6IjhkYWVhMTVkYTZkNTUxMWI4OGYxODg2ZGE3NDdlYzk4MTJlOGVlMzVmYjUzNzNlNmQ4YmI2MTEwOGEzZjEwOWUifQ%3D%3D; expires=Wed, 15-Sep-2021 14:36:24 GMT; Max-Age=7200; path=/; HttpOnly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJONHgq0TwczrZBOix9ZtQ7DVlQASmr%2FJBFvLHYlGWwk8QVkAdvHj%2FIeo76B88HrHTR1UrzkLSXnQ%2FL7GtglhfJLSVsjipbDtof%2F%2BpP0QmEZ2btzpo%2BKk8QcrDqYVNCbyUTdng7GnA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68f1e6811e97690f-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

Primary Request / Show response
pointrewardshops.com/rewards/
Redirect Chain

https://pointrewardshops.com/rewards?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175

45 KB
15 KB

252ms
251ms

Document
text/html

82.118.242.231
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL

https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175

Requested by

Host: hostileqzhundred.com
URL: http://hostileqzhundred.com/0ltLMwu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

82.118.242.231 , Bulgaria, ASN201133 (VERDINA, BZ),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8c47c253ffcb53d4575448cf92962208969a4480d9f51cce3c9e48c85da17af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Host: pointrewardshops.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://hostileqzhundred.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://hostileqzhundred.com/0ltLMwu

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 15 Sep 2021 12:36:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 15 Sep 2021 12:36:24 GMT
Content-Type: text/html
Content-Length: 178
Location: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length

GET
H/1.1 200
OK utils.4307b753f6f392018c32.js Show response
pointrewardshops.com/rewards-4/index_files/ 47 KB
19 KB 42ms
41ms Script
application/javascript 82.118.242.231
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL

https://pointrewardshops.com/rewards-4/index_files/utils.4307b753f6f392018c32.js

Requested by

Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

82.118.242.231 , Bulgaria, ASN201133 (VERDINA, BZ),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b96b4f9b3146047939f342700eb43b54b7ab687d070048efa199320fc250844e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: pointrewardshops.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 12:36:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Aug 2021 01:56:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6109f3c4-bc1a"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Cradle.4dac59f2328b0387640d.js Show response
pointrewardshops.com/rewards-4/index_files/ 20 KB
7 KB 80ms
35ms Script
application/javascript 82.118.242.231
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL

https://pointrewardshops.com/rewards-4/index_files/Cradle.4dac59f2328b0387640d.js

Requested by

Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

82.118.242.231 , Bulgaria, ASN201133 (VERDINA, BZ),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

871a395274807a496ca51c603b7320eca9fc11a7949c0df992be96f29dcb7211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: pointrewardshops.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 12:36:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Aug 2021 01:56:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6109f3c4-4ec2"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK LazyImage.b311ea858a228d7bc9b2.js Show response
pointrewardshops.com/rewards-4/index_files/ 3 KB
2 KB 103ms
34ms Script
application/javascript 82.118.242.231
VERDINA

General

Check archive.org

Show headers Download Go to

Full URL

https://pointrewardshops.com/rewards-4/index_files/LazyImage.b311ea858a228d7bc9b2.js

Requested by

Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

82.118.242.231 , Bulgaria, ASN201133 (VERDINA, BZ),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7e7c84efcf8e336f390d7a51a24cba3873782769b33470b31d2cef95b2f01cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: pointrewardshops.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 12:36:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Aug 2021 01:56:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6109f3c4-d90"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 73ms
24ms Script
application/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 315
etag: W/"3e792b2dc76a5a063e1c4f30d40ae527"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 68f1e68a6a1127c0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 18 Sep 2021 12:36:25 GMT

GET
H2 200 auto-push.min.js Show response
api.md2syzz.info/ 3 KB
2 KB 96ms
22ms Script
application/x-javascript 172.67.216.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.md2syzz.info/auto-push.min.js
Requested by: Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.216.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 032814cf4be1a49b079a1c3c0aceda71a8aecb63c4a4a65d01e0a632b4b2a476

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6667
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 31 Mar 2021 05:17:11 GMT
server: cloudflare
etag: W/"8065551aed25d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQZOFZu0Cmlcnron2oIO2cdcQ1tVQ7toEXk2cJS5YtQc6aONDiirrxDa8R%2Bb4NYx5AC8mqHDsFw%2FtSRGzZXOsP2tLpZ7hCHlBkPHBIP18kNMwsb9rtTdJHO93N5RdbuqXTjD"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 68f1e68a9e042778-PRG

GET
H/1.1 200
OK 54768222-0-ewallet.png
pointrewardshops.com/rewards-4/index_files/ 12 KB
13 KB 35ms
35ms Image
image/png 82.118.242.231
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointrewardshops.com/rewards-4/index_files/54768222-0-ewallet.png

Requested by

Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

82.118.242.231 , Bulgaria, ASN201133 (VERDINA, BZ),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1820453697779ded71c7c3ce2c2d6472ea9cfc537eeb5d0098e1a475619b19b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: pointrewardshops.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 12:36:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Aug 2021 01:56:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6109f3c4-3187"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12679
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 57137496-0-resizemodeScaleToFit.png
pointrewardshops.com/rewards-4/index_files/ 123 KB
124 KB 69ms
68ms Image
image/png 82.118.242.231
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pointrewardshops.com/rewards-4/index_files/57137496-0-resizemodeScaleToFit.png

Requested by

Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

82.118.242.231 , Bulgaria, ASN201133 (VERDINA, BZ),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7f200bdf8cfb3705a286fe157b6e587482b4ec8d8e07dd83cbecce4899fa96d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: pointrewardshops.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 12:36:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Aug 2021 01:56:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6109f3c4-1edca"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126410
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 33ms
32ms Script
application/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151507
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 534047d152df49b3ea66735a76a84aeaa993e3d193e8dff1daf39aff2d5fa43c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3413
etag: W/"7cb42d545f90e08baa9fa2499b1edad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 68f1e68abade27c0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 18 Sep 2021 12:36:25 GMT

GET
H3 200 81ab0785-3e5a-4aac-97c6-2a233e2567d6 Show response
api.md2syzz.info/rest/v1/p-apps/get-id/ 123 B
745 B 249ms
229ms XHR
text/plain 172.67.216.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.md2syzz.info/rest/v1/p-apps/get-id/81ab0785-3e5a-4aac-97c6-2a233e2567d6?url=https://pointrewardshops.com
Requested by: Host: api.md2syzz.info
URL: https://api.md2syzz.info/auto-push.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68a89073ce36a421cea42bbacf4949f7958e1bb42268a2a25b255b434c98543d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fo954xn%2F1Ux8KI50Cp4Mw4uHyJiFtht44SEDEbUXuHDd4BHy8TPpumy461WyuuOnGSuQgpwfNEtJOUgkEGwz8ePiwI%2BVyGVr4yl0KZ3G8v3JtIUYwqzteUhLRMh8oQpKyXbP"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 68f1e68ad8f94120-PRG
expires: -1

GET
H2 200 jquery.js Show response
kowboykittens.com/pub/ 608 B
929 B 313ms
251ms Script
text/html 172.66.40.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kowboykittens.com/pub/jquery.js?i=956040298&loc=https%3A%2F%2Fpointrewardshops.com%2Frewards%2F%3Fs1%3Dfskejb3a233dddj2533Verizon%26s3%3Dsc_9149%252Clcat_1631684018%26s4%3D6834%26s5%3D2533072175&href=https%3A%2F%2Fpointrewardshops.com%2Ff02456949da3f67c5c65ff3b9.php%3Fclid%3D192761374%26l%3D68304%26v%3D0%26e%3D27922%26d%3D0%26s1%3Dfskejb3a233dddj2533Verizon%26s3%3Dsc_9149%2Clcat_1631684018%26s4%3D6834%26s5%3D2533072175%26o%3D15410%26lid%3D0&ref=http%3A%2F%2Fhostileqzhundred.com%2F
Requested by: Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c78651972276b00b2fd7a1ff3295efb1c46d93bc6629eaf2d014d601d7266e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Sep 2021 12:36:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pP%2B5MOLBXMmYKrgMnEvI2U72ub0kk7fYAjJkSB8H8ZpgFMOrBbRu3E%2FcmFsmV1gYBM53myZX5ZC1aC1knTAZzRII3suVR3NpLKGhil5kknKy36889UwcRBEOSj7nyKn1yAnG4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68f1e68b3b6a4114-PRG

GET
H2 200 57137076-0-walmart-logos-lockup.png
v.fastcdn.co/u/27d140b1/ 49 KB
49 KB 41ms
13ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/27d140b1/57137076-0-walmart-logos-lockup.png
Requested by: Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: b403b857f8dc1012e47316c7bea536e98915549204c9aa5c7a70a642c46cd1ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
x-goog-stored-content-length: 50374
age: 6248035
x-guploader-uploadid: ADPycdvGkUPFvHBWbtW5MwBPY61U_5uzwm1bT8NoKK1h0RWPfXkx1rdHP22ShsQEnP5ysydDY-m18vp2gLXSo0K56-YRQ-XDdQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 02 Jul 2022 00:27:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50374
last-modified: Tue, 11 May 2021 08:27:15 GMT
server: ECS (frb/668B)
etag: "f940991f820cc0ba2214a0b4f3d4b1a7"
x-goog-hash: crc32c=nIYapg==, md5=+UCZH4IMwLoiFKC089Sxpw==
content-type: image/png
x-goog-generation: 1620721635452669
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Thu, 15 Sep 2022 12:36:25 GMT

GET
H2 200 57137421-0-iphone-12-blue-selec.v1604343704000
v.fastcdn.co/u/27d140b1/ 379 KB
380 KB 34ms
6ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/27d140b1/57137421-0-iphone-12-blue-selec.v1604343704000
Requested by: Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 95f25d793f37ca73758e723daf227de91a70eedf659cd3229b731c736c213099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
x-goog-stored-content-length: 388429
age: 6711117
x-guploader-uploadid: ADPycds01ukUdnhVMvixhHii4o2J5VzPBTRwSPkK3frSAxmPEvFX1HjtwWeBl_-ayXEqAcjADctOHS2gtUxDybiw68Y
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 02 Jul 2022 00:54:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 388429
last-modified: Tue, 11 May 2021 08:54:48 GMT
server: ECS (frb/67F3)
etag: "84e040e9f64e65f5b2f82188e82aab6b"
x-goog-hash: crc32c=zTWruw==, md5=hOBA6fZOZfWy+CGI6Cqraw==
content-type: image/png
x-goog-generation: 1620723288446674
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Thu, 15 Sep 2022 12:36:25 GMT

GET
H2 200 57137516-0-apple-ipad-pro-2020-.jpg
v.fastcdn.co/u/27d140b1/ 71 KB
71 KB 51ms
24ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/27d140b1/57137516-0-apple-ipad-pro-2020-.jpg
Requested by: Host: pointrewardshops.com
URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6793) /
Resource Hash: a03b69c057a754b6d9994a8c2ba7d2746f101b53d681999fb9ab4347e2df294b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
x-goog-stored-content-length: 72367
age: 6247771
x-guploader-uploadid: ADPycdvQc0hbfcu2uVMNC6y8VeIR5ai8DaykTFF2TDmy5BAkK3PIElx9k8SnYptAWyrbCA07kee85WT4LTkcaVJDUWGUpY7yEA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 02 Jul 2022 00:59:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72367
last-modified: Tue, 11 May 2021 08:59:00 GMT
server: ECS (frb/6793)
etag: "438eaafb4f5745649fc289a6e547377d"
x-goog-hash: crc32c=0dboag==, md5=Q46q+09XRWSfwomm5Uc3fQ==
content-type: image/jpeg
x-goog-generation: 1620723540360212
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Thu, 15 Sep 2022 12:36:25 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/2a47e57a-c50c-47ad-ac10-e49c50c5d576/ 3 KB
2 KB 37ms
30ms Script
text/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/2a47e57a-c50c-47ad-ac10-e49c50c5d576/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R) 6.0.8

Resource Hash

0c85c8c6793c15e9f939a7527f03c7bd147c2420d5f9b5c5511c2b8c4dc32ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pointrewardshops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1682
x-powered-by: Phusion Passenger(R) 6.0.8
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 48d79166-0232-49be-a328-dce3589ca4ec
x-runtime: 0.212587
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ca0d5c5363eb99770ef2865eb253246d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-polished: origSize=3075
cf-ray: 68f1e68c7e2a27c0-PRG
access-control-allow-headers: SDK-Version
expires: Wed, 15 Sep 2021 13:36:25 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hostileqzhundred.com/	1970-01-19 21:15:16	Name: XSRF-TOKEN Value: eyJpdiI6IkwrMlRnVUxoTlpqNDZCYzBSbHhNTHc9PSIsInZhbHVlIjoibG85RStZenh2bjRkRkU2eStnN2pYNVkraWZpSWI5OVNzSzJzNkY2STRCeVp3XC9OMG1HQ2Z6UDNoVVhwR0NENVdZdk5xa2V5cHhUNzM0V0x6Q21hWkFBPT0iLCJtYWMiOiI1MTBkNTlkNGI4MzRjMTkzMDExNWIwYTdlMzM2MTJjOWEyOTk5NWQ1YjJmNTMyMGQ5NWM2N2QyYjgxMzAxY2FmIn0%3D
			hostileqzhundred.com/	1970-01-19 21:15:16	Name: laravel_session Value: eyJpdiI6Im9NZVwvOHdzRStlYUMzcnlHZllLZXd3PT0iLCJ2YWx1ZSI6Ilk0TlMwaFFcL2pZdUdIQkRSSXQwZEYwbmcrUDZiTW5LS3JiZFBMYXlZYnFQZCt4TkRjdHE5M0RXd0VaaVg2TlVLNnYzQVRXckZkZFFHXC9SMmtmVmhVOEE9PSIsIm1hYyI6IjhkYWVhMTVkYTZkNTUxMWI4OGYxODg2ZGE3NDdlYzk4MTJlOGVlMzVmYjUzNzNlNmQ4YmI2MTEwOGEzZjEwOWUifQ%3D%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175 Message: The resource https://pointrewardshops.com/rewards-4/index_files/utils.4307b753f6f392018c32.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175 Message: The resource https://pointrewardshops.com/rewards-4/index_files/Cradle.4dac59f2328b0387640d.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://pointrewardshops.com/rewards/?s1=fskejb3a233dddj2533Verizon&s3=sc_9149%2Clcat_1631684018&s4=6834&s5=2533072175 Message: The resource https://pointrewardshops.com/rewards-4/index_files/LazyImage.b311ea858a228d7bc9b2.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.md2syzz.info
cdn.onesignal.com
hostileqzhundred.com
kowboykittens.com
onesignal.com
pointrewardshops.com
v.fastcdn.co
104.18.225.52
172.66.40.62
172.67.131.48
172.67.216.101
192.229.133.208
82.118.242.231
032814cf4be1a49b079a1c3c0aceda71a8aecb63c4a4a65d01e0a632b4b2a476
0c85c8c6793c15e9f939a7527f03c7bd147c2420d5f9b5c5511c2b8c4dc32ae2
1820453697779ded71c7c3ce2c2d6472ea9cfc537eeb5d0098e1a475619b19b6
534047d152df49b3ea66735a76a84aeaa993e3d193e8dff1daf39aff2d5fa43c
68a89073ce36a421cea42bbacf4949f7958e1bb42268a2a25b255b434c98543d
7e7c84efcf8e336f390d7a51a24cba3873782769b33470b31d2cef95b2f01cee
7f200bdf8cfb3705a286fe157b6e587482b4ec8d8e07dd83cbecce4899fa96d9
871a395274807a496ca51c603b7320eca9fc11a7949c0df992be96f29dcb7211
8c47c253ffcb53d4575448cf92962208969a4480d9f51cce3c9e48c85da17af1
95f25d793f37ca73758e723daf227de91a70eedf659cd3229b731c736c213099
a03b69c057a754b6d9994a8c2ba7d2746f101b53d681999fb9ab4347e2df294b
b403b857f8dc1012e47316c7bea536e98915549204c9aa5c7a70a642c46cd1ad
b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5
b96b4f9b3146047939f342700eb43b54b7ab687d070048efa199320fc250844e
e4c78651972276b00b2fd7a1ff3295efb1c46d93bc6629eaf2d014d601d7266e

pointrewardshops.com Open in urlscan Pro 82.118.242.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

88 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

760 kBTransfer

1051 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

pointrewardshops.com Open in urlscan Pro
82.118.242.231 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

760 kB
Transfer

1051 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions