urlscan.io logo urlscan.io
SecurityTrails logo

www.reward1spot.com Open in urlscan Pro
2606:4700:e2::ac40:8a06  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wwwv.ingeniouschronology.xyz/link/af/index.html?cep=hD9rqiJeniCfANiz7WNYM2JE7ZsiReL-sNAVlSpuDYXP_v3AAW-35CV7qucLMqy5cmhysz8du...
Effective URL: https://www.reward1spot.com/ThankYou.aspx?source=P
Submission: On April 17 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 6 domains to perform 5 HTTP transactions. The main IP is 2606:4700:e2::ac40:8a06, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.reward1spot.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 4th 2020. Valid for: 8 months.
This is the only time www.reward1spot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 104.18.20.156 13335 (CLOUDFLAR...)
1 1 34.204.140.168 14618 (AMAZON-AES)
1 4 104.17.241.41 13335 (CLOUDFLAR...)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700:e2:... 13335 (CLOUDFLAR...)
5 3
1    2606:4700::6812:4895 (United States)

ASN13335 (CLOUDFLARENET, US)
wwwv.ingeniouschronology.xyz
1    104.18.20.156 (United States)

ASN13335 (CLOUDFLARENET, US)
www.oteuforum.com
1    34.204.140.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-140-168.compute-1.amazonaws.com
c.spnccrzone.com
4    104.17.241.41 (United States)

ASN13335 (CLOUDFLARENET, US)
www.restaurantpromotionsusa.com
2    2606:4700::6811:ec32 (United States)

ASN13335 (CLOUDFLARENET, US)
www.amarktflow.com
2    2606:4700:e2::ac40:8a06 (United States)

ASN13335 (CLOUDFLARENET, US)
www.reward1spot.com
Domain Requested by
4 www.restaurantpromotionsusa.com 1 redirects www.restaurantpromotionsusa.com
2 www.reward1spot.com 1 redirects www.restaurantpromotionsusa.com
2 www.amarktflow.com 2 redirects
1 c.spnccrzone.com 1 redirects
1 www.oteuforum.com 1 redirects
1 wwwv.ingeniouschronology.xyz
5 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-06 -
2020-10-09		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://www.reward1spot.com/ThankYou.aspx?source=P
Frame ID: 7A06039D925A274AC8A32D5C93F87360
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://wwwv.ingeniouschronology.xyz/link/af/index.html?cep=hD9rqiJeniCfANiz7WNYM2JE7ZsiReL-sNAVlSpuDYXP_v3AAW-35... Page URL
  2. http://www.oteuforum.com/click HTTP 302
    http://c.spnccrzone.com/?oex3=MyXqBEuExX0hrb65i%2b%2bAp1MdVvjuyrIi-JNRT5du4udM%3d&s1=779a978c-a10b-4... HTTP 302
    https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=20... Page URL
  3. https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=20... HTTP 302
    https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26re... HTTP 302
    https://www.amarktflow.com/default.aspx?Flow=c55c9d6f-e3b3-444e-8336-01fa5764e0a1&&PubSrc=%26PubSrc%3D%... HTTP 302
    https://www.reward1spot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26Pu... HTTP 302
    https://www.reward1spot.com/ThankYou.aspx?source=P Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

5
Requests

80 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

3
IPs

1
Countries

18 kB
Transfer

21 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wwwv.ingeniouschronology.xyz/link/af/index.html?cep=hD9rqiJeniCfANiz7WNYM2JE7ZsiReL-sNAVlSpuDYXP_v3AAW-35CV7qucLMqy5cmhysz8dukJc2N-e20yjkeC11VCDOeH269BXXQ90IeoM2FOqC674XtVNvbskloMEQbv6reyLtr8SmkpZH1amp_XILnDbifL1fFJZq01JwbrtqwjjKhikz8_EYcKLb7H9eWpThcA175Qbi89viBaX3zecVGqKpVTAr8YSwiW0iIOEwxoKHCo8l0hGa4Q6l5i_WszgXDR9c1w3MlzICyyIl4LRAO18yyGDd55b3vL4POeGD4rv8lLBS0rb-v6Uy93gh-cnc3PaBedMmfhv2ULVhyRRKzNtVqaG3s6tOs8qZ0IInIulX0QZYrMSmSdHEdgnaT5ppbhMY3xh7Nwn3j0KBPJJ49UHbqJQsLKJrE2mx6AM7MHB4QHVxaHzsFcH4zlmcTkcq0k9Zfw0Jm4WH_MZzR5RWvxbDScBR29cPWUGK9Q&lptoken=154687551508518a125b&3=ts151-international-general&4=159136232&5=&6=US&7=19779&8=&2=0.042&1=1587153312.18-159136232-19779 Page URL
  2. http://www.oteuforum.com/click HTTP 302
    http://c.spnccrzone.com/?oex3=MyXqBEuExX0hrb65i%2b%2bAp1MdVvjuyrIi-JNRT5du4udM%3d&s1=779a978c-a10b-4118-9bd4-e441119ddc68&s2=d0guu2ohms4ldsduhjldopck HTTP 302
    https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID= Page URL
  3. https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=&__cf_chl_jschl_tk__=ea1d4c280b87902e6cd98a5ae75e888f96037113-1587156248-0-AeARdW2KF1KenN3pGLMi9nkbYTTLl7tqzqNveL2pwxSv5swqQECEACzD-gcJq6zskuNqb499dl88zVTQPTFVJK_lrfRP8z193Wa3sGOmBvAOuBdYhXlOPi0RLoewojpX_GZpCEd_xStRbEW6d4yKj0bGWKdnB-cQkd8-79qwyOH97A8krmFmOYszWBV1trwSsIRNew18IdY5qu9sqyR9WFKjgNSmwqyPDXtI-vjEriOhjfFOPICbbKfWghiPogTev4sAqXrEkGBm_-mRfTS9IRpVGnHFmtx_HwuNXZVHwuIv1bHQnU2U865wMN4W-RLOh3UrKBFIk3MSZmwTvNaC0Zl6xIRtSlovyS-Y43GkkHmgUM7ZbsN5CVvZMNP4rHTYnU-iyvjfB_AEjSOQVcZNJHnt-aJxD6guEz--OhlS0GVuLsKswsi5xfXCfX-pKhflJOr2b664H8MneSRrk4kiKNwXxnf7drm_rvj3xHLQt60WMnT46rvvDTnhEQXhkGSbbOB9vYEj99-MvH_DxWNglKA HTTP 302
    https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Dmcdvsbk%26o%3D205070&SubAff=779a978c-a10b-4118-9bd4-e441119ddc68_203400_91533_McDonaldsBurgerKing&Freq=0&isUserLookUp=False&isULUDone=False&PIY=zLBm3gAephGOxDw70CkeMw2 HTTP 302
    https://www.amarktflow.com/default.aspx?Flow=c55c9d6f-e3b3-444e-8336-01fa5764e0a1&&PubSrc=%26PubSrc%3D%26reward%3Dmcdvsbk%26o%3D205070&SubAff=779a978c-a10b-4118-9bd4-e441119ddc68_203400_91533_McDonaldsBurgerKing&Freq=0&isUserLookUp=False&isULUDone=False&PIY=zLBm3gAephGOxDw70CkeMw2 HTTP 302
    https://www.reward1spot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26reward%3Dmcdvsbk%26o%3D205070&SubAff=779a978c-a10b-4118-9bd4-e441119ddc68_203400_91533_McDonaldsBurgerKing&Freq=0&isUserLookUp=False&isULUDone=False&PIY=zLBm3gAephGOxDw70CkeMw2 HTTP 302
    https://www.reward1spot.com/ThankYou.aspx?source=P Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.oteuforum.com/click HTTP 302
  • http://c.spnccrzone.com/?oex3=MyXqBEuExX0hrb65i%2b%2bAp1MdVvjuyrIi-JNRT5du4udM%3d&s1=779a978c-a10b-4118-9bd4-e441119ddc68&s2=d0guu2ohms4ldsduhjldopck HTTP 302
  • https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set index.html
wwwv.ingeniouschronology.xyz/link/af/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://wwwv.ingeniouschronology.xyz/link/af/index.html?cep=hD9rqiJeniCfANiz7WNYM2JE7ZsiReL-sNAVlSpuDYXP_v3AAW-35CV7qucLMqy5cmhysz8dukJc2N-e20yjkeC11VCDOeH269BXXQ90IeoM2FOqC674XtVNvbskloMEQbv6reyLtr8SmkpZH1amp_XILnDbifL1fFJZq01JwbrtqwjjKhikz8_EYcKLb7H9eWpThcA175Qbi89viBaX3zecVGqKpVTAr8YSwiW0iIOEwxoKHCo8l0hGa4Q6l5i_WszgXDR9c1w3MlzICyyIl4LRAO18yyGDd55b3vL4POeGD4rv8lLBS0rb-v6Uy93gh-cnc3PaBedMmfhv2ULVhyRRKzNtVqaG3s6tOs8qZ0IInIulX0QZYrMSmSdHEdgnaT5ppbhMY3xh7Nwn3j0KBPJJ49UHbqJQsLKJrE2mx6AM7MHB4QHVxaHzsFcH4zlmcTkcq0k9Zfw0Jm4WH_MZzR5RWvxbDScBR29cPWUGK9Q&lptoken=154687551508518a125b&3=ts151-international-general&4=159136232&5=&6=US&7=19779&8=&2=0.042&1=1587153312.18-159136232-19779
Protocol
HTTP/1.1
Server
2606:4700::6812:4895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3f87103627dbf8b26b2cc86470a21f29884256be4d2ea6d931b8ad8c40d03f

Request headers

Host
wwwv.ingeniouschronology.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 20:44:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d53aa0040f0296c3d4b8985177f43c9361587156247; expires=Sun, 17-May-20 20:44:07 GMT; path=/; domain=.wwwv.ingeniouschronology.xyz; HttpOnly; SameSite=Lax
Last-Modified
Thu, 14 Nov 2019 17:18:15 GMT
Vary
Accept-Encoding
CF-Cache-Status
HIT
Age
1263712
Expires
Sat, 17 Apr 2021 20:44:07 GMT
Cache-Control
public, max-age=31536000
Server
cloudflare
CF-RAY
5858fb725fdfd6f1-FRA
Content-Encoding
gzip
cf-request-id
022b7b7b770000d6f125297200000001
/
www.restaurantpromotionsusa.com/
Redirect Chain
  • http://www.oteuforum.com/click
  • http://c.spnccrzone.com/?oex3=MyXqBEuExX0hrb65i%2b%2bAp1MdVvjuyrIi-JNRT5du4udM%3d&s1=779a978c-a10b-4118-9bd4-e441119ddc68&s2=d0guu2ohms4ldsduhjldopck
  • https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&su...
15 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.241.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebd84b0ee0ce86574dc5a1f37e9ce1b0b8b83b8fd6f0927bdadec07ea491873
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.restaurantpromotionsusa.com
:scheme
https
:path
/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://wwwv.ingeniouschronology.xyz/link/af/index.html?cep=hD9rqiJeniCfANiz7WNYM2JE7ZsiReL-sNAVlSpuDYXP_v3AAW-35CV7qucLMqy5cmhysz8dukJc2N-e20yjkeC11VCDOeH269BXXQ90IeoM2FOqC674XtVNvbskloMEQbv6reyLtr8SmkpZH1amp_XILnDbifL1fFJZq01JwbrtqwjjKhikz8_EYcKLb7H9eWpThcA175Qbi89viBaX3zecVGqKpVTAr8YSwiW0iIOEwxoKHCo8l0hGa4Q6l5i_WszgXDR9c1w3MlzICyyIl4LRAO18yyGDd55b3vL4POeGD4rv8lLBS0rb-v6Uy93gh-cnc3PaBedMmfhv2ULVhyRRKzNtVqaG3s6tOs8qZ0IInIulX0QZYrMSmSdHEdgnaT5ppbhMY3xh7Nwn3j0KBPJJ49UHbqJQsLKJrE2mx6AM7MHB4QHVxaHzsFcH4zlmcTkcq0k9Zfw0Jm4WH_MZzR5RWvxbDScBR29cPWUGK9Q&lptoken=154687551508518a125b&3=ts151-international-general&4=159136232&5=&6=US&7=19779&8=&2=0.042&1=1587153312.18-159136232-19779
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://wwwv.ingeniouschronology.xyz/link/af/index.html?cep=hD9rqiJeniCfANiz7WNYM2JE7ZsiReL-sNAVlSpuDYXP_v3AAW-35CV7qucLMqy5cmhysz8dukJc2N-e20yjkeC11VCDOeH269BXXQ90IeoM2FOqC674XtVNvbskloMEQbv6reyLtr8SmkpZH1amp_XILnDbifL1fFJZq01JwbrtqwjjKhikz8_EYcKLb7H9eWpThcA175Qbi89viBaX3zecVGqKpVTAr8YSwiW0iIOEwxoKHCo8l0hGa4Q6l5i_WszgXDR9c1w3MlzICyyIl4LRAO18yyGDd55b3vL4POeGD4rv8lLBS0rb-v6Uy93gh-cnc3PaBedMmfhv2ULVhyRRKzNtVqaG3s6tOs8qZ0IInIulX0QZYrMSmSdHEdgnaT5ppbhMY3xh7Nwn3j0KBPJJ49UHbqJQsLKJrE2mx6AM7MHB4QHVxaHzsFcH4zlmcTkcq0k9Zfw0Jm4WH_MZzR5RWvxbDScBR29cPWUGK9Q&lptoken=154687551508518a125b&3=ts151-international-general&4=159136232&5=&6=US&7=19779&8=&2=0.042&1=1587153312.18-159136232-19779#

Response headers

status
503
date
Fri, 17 Apr 2020 20:44:08 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=d10961db9629ed3b94ef60bb426423e4a1587156248; expires=Sun, 17-May-20 20:44:08 GMT; path=/; domain=.restaurantpromotionsusa.com; HttpOnly; SameSite=Lax
cache-control
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5858fb760b6986ad-ARN
cf-request-id
022b7b7dc8000086adae8e2200000001

Redirect headers

Date
Fri, 17 Apr 2020 20:44:07 GMT
Content-Type
text/html; charset=utf-8
Content-Length
283
Location
https://www.RestaurantPromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
Set-Cookie
trk=pPiCU/C2K+VNQCplEc8pSiwl1ch/xcIlxAvlcjgD5SBfW6B6i2LpCe1B7SS6czlR9InRvJObzOQ=; Domain=.spnccrzone.com; Expires=Sun, 17 Apr 2022 20:44:07 GMT; HttpOnly sid=pPiCU/C2K+VNQCplEc8pSk9V1JFUZqeFxAvlcjgD5SCLlTWgH0rxou1B7SS6czlRlgDJwpjxrOw=; Domain=.spnccrzone.com; HttpOnly x205070=Z3QZCHwYBVc4GtWXfaBEMWugqixsZvF4ozH8P0Aya1TbcvzYV7cvmPlT5e4x3ANKaWhrxBM1PBNgNOD7toZpBAZYXOhY+17vjHZ1GtwWI6iG3MdQtzEmk73Cppj2POQkSvYsDbPVk/+gl+0jINwSgCFcqL8UgPfWrSehKH4FTTlow9AjG3mVyLwqzOOAviUljJ/VvqsJ0/MiErCBiplmqFkD1geDbPjmsHdecwavJDeFVvm0N9mjp+qg5Rhc+Dc+UFW/b+mEhfYVFdFRFpNA8urZDK24q0RtlhfWO2z+MGVft3vqD6nVfdULlTRyLDoBelYWfB0O5FMANTVHAhwHStkQaD8acOHyONgx7Xt3AuEgEzCgVO1JpKUY+pVjXr6A0gA4aV2BxBC37+74Te+zsV4IEliMUEWWNvreUAhHclU7tFKkteOwMiP+aVzirnxD7AW8jYlaSW103E1uRU+Kc3LjrqUqF02cnhJwX7uNaePgmqj/czsyr7cFsKArRlpvbUeXMUk3malS7sAaioxceK1x+e8YvZ1omq2QBmXv27En7gg2WhVf36arcAge7hiX1jh38h0W+XTJI23HoPXRTJR0OxLNJiTsQuNaXVTwcNLr2p+xHCOuCSJOvNrRi7OTY4lVZQWWTfXC8A47qxp627ev6hHUO+v8ETBx7jfJbhKmHIG+Uv4iir3bAyiykqNEaH3ONNhc2H00f3YBxQgkPobWrMhxnFbJHup2KSfyv5oPeZ7lg7VGS+myT2iMquSM9+mxpgcJ7O25lyVgmwpp+V5ZIMTxMM9StT4m66IKBIG0tRHTFtCU64GHz5gd0d4FtK4iV+HcTK+DgacRi8EO4RS15JHD4LosAZTrKWtj/IIghQChZr6hpXdAUR1oelwgFfrs53yTxMZsgQFMpZBkrymuylgc92CuBsGHgAbQ5WJKOd0BE1mDnE4wjTWz4iP3dwShilzj2l2b0t6kRNCKMZCuhnOGK/lrotGd0ACwYe0wBlk5cWP+WV8AaAJCY4SIpEGSuyYMuiCl0va72DoOlrFe7c61tBpOdWNl7X1sXieed+wFwzlj3err9a73Lpn0WzRg3CFL0x9WNOFtw6Kj1j7RTIF83DWClDv7+e78gV0JFX+ut6CxaAf6MksfqjwM1ibwDebeLFdhIwEOqQZof/R6FbZL84pNff/Nv7jnk2q9MWSXddvcyn9hGPq36Ook7Pvrs70Y2YDPN24KCZh8ShUiwH5mDeGjahAa3rTOCDgiQFurJ8yuokNz7Ri4see92pV4TkHiC36H3Agyo0zepXpxa+YeUDMXJw32hee8jBC7zgbVgmEBWypEI2OMSn6pc48Ihonfgvf+ofBtUauATSZmVPydldy7x1q4+APBDc6YnCfqMnUsfZ8usUrCHc7JRsiDTh2WfBDzQqTCxEwUN0iI1pYx0MDiOzfYg1Jn02y6bVDfs2QBj9WXLmfh9mogIYmqiu8mxbAYdJVCKotXnuhdLPZaAx21cnZgSi5vpHndCPvlXfAbTSw4fMk6Xp0CUonfb9pPgkpxFJSyvbQfS0+GLSUxFJ309BEdjPPAz+1hTBDtkVPrDMS6vzzgWcC9zwR7v+fcnc8a0r8q8YB+V8S6vzzgWcC9zwR7v+fcnc95Y68gVt8pfiTLlRXLoWob+8cyq5V+O+G/eMB/tT0bA7UQTv9/eux01i2EhxEX1z8w5UF+fgfYHjralAnw4k51gGSy5UAYS1Cn7EXAb8Ucxjjrsl1rwo0Vb+8mxYm5qxF0KCSJJv8ZAJgJf7ZX4woqpWn3t9Mnw4cDCx5Q81eW8FR/oo1YSn6f4nI5zgtm7NA=; Domain=.spnccrzone.com; Expires=Sun, 17 May 2020 20:44:07 GMT; HttpOnly
X-Ckt
bqd1a5opjh5cjbl2l54g
X-Ray
bqd1a5opjh5cjbl2l52g
transparent.gif
www.restaurantpromotionsusa.com/cdn-cgi/images/trace/jschal/nojs/ 		42 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.restaurantpromotionsusa.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=5858fb760b6986ad
Requested by
Host: www.restaurantpromotionsusa.com
URL: https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.241.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 20:44:08 GMT
last-modified
Tue, 14 Apr 2020 14:44:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5e95cc4d-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5858fb76aba986ad-ARN
content-length
42
cf-request-id
022b7b7e2a000086adae8e5200000001
expires
Fri, 17 Apr 2020 22:44:08 GMT
transparent.gif
www.restaurantpromotionsusa.com/cdn-cgi/images/trace/jschal/js/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.restaurantpromotionsusa.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=5858fb760b6986ad
Requested by
Host: www.restaurantpromotionsusa.com
URL: https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.241.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 20:44:08 GMT
last-modified
Tue, 14 Apr 2020 14:44:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5e95cc4d-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5858fb76bbb086ad-ARN
content-length
42
cf-request-id
022b7b7e2f000086adae8e6200000001
expires
Fri, 17 Apr 2020 22:44:08 GMT
Primary Request ThankYou.aspx
www.reward1spot.com/
Redirect Chain
  • https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&su...
  • https://www.amarktflow.com/default.aspx?Flow=77633E9F-47E8-489C-5083-1293A97FBD147ACED00F&&PubSrc=%26reward%3Dmcdvsbk%26o%3D205070&SubAff=779a978c-a10b-4118-9bd4-e441119ddc68_203400_91533_McDonalds...
  • https://www.amarktflow.com/default.aspx?Flow=c55c9d6f-e3b3-444e-8336-01fa5764e0a1&&PubSrc=%26PubSrc%3D%26reward%3Dmcdvsbk%26o%3D205070&SubAff=779a978c-a10b-4118-9bd4-e441119ddc68_203400_91533_McDon...
  • https://www.reward1spot.com/default.aspx?Flow=14DFA36E-2CBA-FF63-0C3E-609127B1C063DB63355C&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26reward%3Dmcdvsbk%26o%3D205070&SubAff=779a978c-a10b-4118-9bd4-e441119ddc...
  • https://www.reward1spot.com/ThankYou.aspx?source=P
828 B
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.reward1spot.com/ThankYou.aspx?source=P
Requested by
Host: www.restaurantpromotionsusa.com
URL: https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dbaac780a9203e57089c738d8df52f8ea56a59786da8b5c194bf70d744345369

Request headers

:method
GET
:authority
www.reward1spot.com
:scheme
https
:path
/ThankYou.aspx?source=P
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d85a3fe015818640366de5913a18ae3fa1587156253; ASP.NET_SessionId=voqmtaxf1sbml4enmsnpmp1o; AF3_Cookie=
Upgrade-Insecure-Requests
1
Origin
https://www.restaurantpromotionsusa.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.restaurantpromotionsusa.com/?Flow=6b51d955-0748-462e-9eb5-0ccdd7eceb37&isPrePop=true&reward=mcdvsbk&o=205070&subaff1=779a978c-a10b-4118-9bd4-e441119ddc68&subaff2=203400&subaff3=91533&subaff4=McDonaldsBurgerKing&DVID=

Response headers

status
200
date
Fri, 17 Apr 2020 20:44:14 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5858fb9b5f1e1f31-FRA
content-encoding
br
cf-request-id
022b7b951600001f31bfa43200000001

Redirect headers

status
302
date
Fri, 17 Apr 2020 20:44:13 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d85a3fe015818640366de5913a18ae3fa1587156253; expires=Sun, 17-May-20 20:44:13 GMT; path=/; domain=.reward1spot.com; HttpOnly; SameSite=Lax ASP.NET_SessionId=voqmtaxf1sbml4enmsnpmp1o; path=/; HttpOnly AF3_Cookie=; expires=Sat, 17-Apr-2021 20:44:13 GMT; path=/
cache-control
private
location
/ThankYou.aspx?source=P
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5858fb99dbd51f31-FRA
cf-request-id
022b7b942600001f31bfa32200000001

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

3 Cookies

Domain/Path Name / Value
www.reward1spot.com/ Name: AF3_Cookie
Value:
www.reward1spot.com/ Name: ASP.NET_SessionId
Value: voqmtaxf1sbml4enmsnpmp1o
.reward1spot.com/ Name: __cfduid
Value: d85a3fe015818640366de5913a18ae3fa1587156253