Submitted URL: https://www.opaypla.com/
Effective URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Submission: On July 15 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 1 countries across 7 domains to perform 16 HTTP transactions. The main IP is 207.91.192.87, located in United States and belongs to AHOSTING, US. The main domain is www.safescorereward.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 6th 2023. Valid for: a year.
This is the only time www.safescorereward.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 198.23.51.117 32748 (STEADFAST)
1 10 207.91.192.87 54163 (AHOSTING)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
16 5
Apex Domain
Subdomains
Transfer
10 safescorereward.com
safescorereward.com
www.safescorereward.com
398 KB
3 gstatic.com
fonts.gstatic.com
53 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1032
62 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
998 B
1 eduforbetterment.com
eduforbetterment.com
285 B
1 opaypla.com
www.opaypla.com
112 B
16 7
Domain Requested by
9 www.safescorereward.com www.safescorereward.com
3 fonts.gstatic.com fonts.googleapis.com
2 maxcdn.bootstrapcdn.com www.safescorereward.com
maxcdn.bootstrapcdn.com
1 fonts.googleapis.com www.safescorereward.com
1 cdnjs.cloudflare.com www.safescorereward.com
1 safescorereward.com 1 redirects
1 eduforbetterment.com 1 redirects
1 www.opaypla.com 1 redirects
16 8

This site contains no links.

Subject Issuer Validity Valid
www.safescorereward.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-06 -
2024-07-05
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Frame ID: F8D5A84B29E8DFF42749E39D0A644892
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

Secure Login Form

Page URL History Show full URLs

  1. https://www.opaypla.com/ HTTP 301
    http://eduforbetterment.com/pay.pal.php HTTP 301
    https://safescorereward.com/safetygreen/security2.php HTTP 302
    https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

8
Subdomains

5
IPs

1
Countries

515 kB
Transfer

553 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.opaypla.com/ HTTP 301
    http://eduforbetterment.com/pay.pal.php HTTP 301
    https://safescorereward.com/safetygreen/security2.php HTTP 302
    https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request home4.html
www.safescorereward.com/
Redirect Chain
  • https://www.opaypla.com/
  • http://eduforbetterment.com/pay.pal.php
  • https://safescorereward.com/safetygreen/security2.php
  • https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
18 KB
19 KB
Document
General
Full URL
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
2f5950320b6af123f3f7d3c962f2b970e24a778dd0b935835927cd6e58366d89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
18807
Content-Type
text/html
Date
Sat, 15 Jul 2023 06:33:06 GMT
Keep-Alive
timeout=3, max=100
Last-Modified
Fri, 14 Jul 2023 15:27:03 GMT
Server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 15 Jul 2023 06:33:05 GMT
Keep-Alive
timeout=3, max=100
Location
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Server
Apache
reset.min.css
cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/
773 B
998 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 06:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
333
last-modified
Mon, 04 May 2020 16:13:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f23-305"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y864nxBWP%2F6%2BwBo0Vra9ejfhxT1XhMCfmytVmjzIICy0K2U28vL5SzOQeoYVeBi%2F28jLicgFJV8g6smBcg8tYxDpVTA8XK2CfDubq%2B9D5sEyujFT0qph%2BVArJpnRb90bembq0LE97Lc2ei1NxRe0aH3O"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e6ff8d58c7022d3-ORD
expires
Thu, 04 Jul 2024 06:33:06 GMT
css
fonts.googleapis.com/
26 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|RobotoDraft:400,100,300,500,700,900
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d7ddb116f8b865f3ffc93a2a354e7514b21e2b9ed3806f0818229ccf4e13b0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 06:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 06:33:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 06:33:06 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 06:33:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
4525450
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7e6ff8d58dc8110e-ORD
cdn-requestpullsuccess
True
top1.png
www.safescorereward.com/
18 KB
18 KB
Image
General
Full URL
https://www.safescorereward.com/top1.png
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
a2e75a4d1d8fa4c844de3664a2bdf0d5c070f088f08ca49ca9f204bb85caadb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 06:33:06 GMT
Last-Modified
Thu, 13 Jul 2023 13:29:22 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
18426
top.png
www.safescorereward.com/
31 KB
31 KB
Image
General
Full URL
https://www.safescorereward.com/top.png
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
431c7edc18f8e463b55a6471d3369215935450f6a00ef391100a546c04bd8032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 06:33:06 GMT
Last-Modified
Thu, 13 Jul 2023 10:35:21 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
31463
logopay.webp
www.safescorereward.com/
7 KB
8 KB
Image
General
Full URL
https://www.safescorereward.com/logopay.webp
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
a13120e60e2d106a2cc758186f794ff4fabcf582f0bfcec0739f94036392be58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 06:33:06 GMT
Last-Modified
Thu, 13 Jul 2023 12:46:51 GMT
Server
Apache
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
7646
logo4.jpg
www.safescorereward.com/
5 KB
5 KB
Image
General
Full URL
https://www.safescorereward.com/logo4.jpg
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
381185e886df73631197e6722b5f0d7ce1f3a2adb1cc5fec991ebc8b12eb7d70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 06:33:06 GMT
Last-Modified
Fri, 07 Jul 2023 03:24:46 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=96
Content-Length
5190
logo2.jpg
www.safescorereward.com/
4 KB
4 KB
Image
General
Full URL
https://www.safescorereward.com/logo2.jpg
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
beaa2ae336296daf8d28fb94f0ed084e4ebc91cd95ae0df3226d32aaa7c305cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 06:33:06 GMT
Last-Modified
Fri, 07 Jul 2023 03:24:46 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
4058
logo3.jpg
www.safescorereward.com/
4 KB
5 KB
Image
General
Full URL
https://www.safescorereward.com/logo3.jpg
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
6e50ce97e3fcd1cac4d36b853c1194da167dc7709b9547feae2c76347894348a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 06:33:06 GMT
Last-Modified
Fri, 07 Jul 2023 03:24:46 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
4395
flogo.png
www.safescorereward.com/
48 KB
48 KB
Image
General
Full URL
https://www.safescorereward.com/flogo.png
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
514ae0b397464fc5a46b2cd90eda0153676164f69a5d9053a8153935a833bc11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 06:33:06 GMT
Last-Modified
Tue, 11 Jul 2023 17:38:57 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
49305
easy.png
www.safescorereward.com/
259 KB
260 KB
Image
General
Full URL
https://www.safescorereward.com/easy.png
Requested by
Host: www.safescorereward.com
URL: https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.91.192.87 , United States, ASN54163 (AHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
6e99c3ecd2d3cd80e73e796badc1fca565a9c5a7dd0c5f1e464aa14b1e8b69fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.safescorereward.com/home4.html?PAY.PAL.LOGIN.SSL-CREDITOFFERPROTECTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 06:33:06 GMT
Last-Modified
Fri, 14 Jul 2023 13:25:47 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
265533
2sDHZGBLgJnUjLre-wxFG10QAa0aRCw.woff2
fonts.gstatic.com/s/robotodraft/v17/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotodraft/v17/2sDHZGBLgJnUjLre-wxFG10QAa0aRCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|RobotoDraft:400,100,300,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6cec6ebd93ecd2d24831c85c7e2e32edf60afabc34c38a61d4e8932b05ad13c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.safescorereward.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 02:48:33 GMT
x-content-type-options
nosniff
age
272673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17932
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:44:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 02:48:33 GMT
2sDaZGBLgJnUjLre-wxFG1W7I7g.woff2
fonts.gstatic.com/s/robotodraft/v17/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotodraft/v17/2sDaZGBLgJnUjLre-wxFG1W7I7g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|RobotoDraft:400,100,300,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f951d8cddeccd93a00876eefa2ca605cc7d2aa659e993114b5224ad9691e5b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.safescorereward.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 00:16:53 GMT
x-content-type-options
nosniff
age
281773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17776
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:46:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 00:16:53 GMT
2sDHZGBLgJnUjLre-wxFG10ABq0aRCw.woff2
fonts.gstatic.com/s/robotodraft/v17/
17 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotodraft/v17/2sDHZGBLgJnUjLre-wxFG10ABq0aRCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|RobotoDraft:400,100,300,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045b53aeb90ca9f58e8118988648452fa9dcc6aecbf7f1a82906b540f5b4dbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.safescorereward.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:37:49 GMT
x-content-type-options
nosniff
age
251717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17864
x-xss-protection
0
last-modified
Tue, 02 May 2023 17:04:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 08:37:49 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/
55 KB
56 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://www.safescorereward.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 06:33:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
871
age
36880
cdn-cachedat
04/18/2023 03:07:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56780
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"97493d3f11c0a3bd5cbd959f5d19b699"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
508404c1ba336a630f39a273a3ba7cee
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
GR
cdn-status
200
cf-ray
7e6ff8d69dd12329-ORD
cdn-requestpullsuccess
True

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
eduforbetterment.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
safescorereward.com
www.opaypla.com
www.safescorereward.com
198.23.51.117
207.91.192.87
2606:4700::6811:180e
2606:4700::6812:bcf
2607:f8b0:4006:806::2003
2607:f8b0:4006:81c::200a
045b53aeb90ca9f58e8118988648452fa9dcc6aecbf7f1a82906b540f5b4dbe6
2f5950320b6af123f3f7d3c962f2b970e24a778dd0b935835927cd6e58366d89
381185e886df73631197e6722b5f0d7ce1f3a2adb1cc5fec991ebc8b12eb7d70
431c7edc18f8e463b55a6471d3369215935450f6a00ef391100a546c04bd8032
514ae0b397464fc5a46b2cd90eda0153676164f69a5d9053a8153935a833bc11
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
6e50ce97e3fcd1cac4d36b853c1194da167dc7709b9547feae2c76347894348a
6e99c3ecd2d3cd80e73e796badc1fca565a9c5a7dd0c5f1e464aa14b1e8b69fd
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
9d7ddb116f8b865f3ffc93a2a354e7514b21e2b9ed3806f0818229ccf4e13b0f
a13120e60e2d106a2cc758186f794ff4fabcf582f0bfcec0739f94036392be58
a2e75a4d1d8fa4c844de3664a2bdf0d5c070f088f08ca49ca9f204bb85caadb8
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b6cec6ebd93ecd2d24831c85c7e2e32edf60afabc34c38a61d4e8932b05ad13c
beaa2ae336296daf8d28fb94f0ed084e4ebc91cd95ae0df3226d32aaa7c305cc
f951d8cddeccd93a00876eefa2ca605cc7d2aa659e993114b5224ad9691e5b75