Submitted URL: https://easternrewards.com/
Effective URL: https://easternrewards.com/welcome
Submission: On October 24 via api from BE — Scanned from CA

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 3.229.35.77, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is easternrewards.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 23rd 2024. Valid for: a year.
This is the only time easternrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 3.229.35.77 14618 (AMAZON-AES)
2 104.17.25.14 13335 (CLOUDFLAR...)
2 142.251.33.170 15169 (GOOGLE)
1 151.101.1.229 54113 (FASTLY)
2 54.231.197.160 16509 (AMAZON-02)
1 18.173.132.86 16509 (AMAZON-02)
1 142.250.190.106 15169 (GOOGLE)
1 142.251.41.35 15169 (GOOGLE)
17 8
Apex Domain | Subdomains | Transfer
8 easternrewards.com | easternrewards.com | 2 MB
3 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 412; fonts.googleapis.com — Cisco Umbrella Rank: 30 | 96 KB
2 amazonaws.com | s3.amazonaws.com | 106 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 220 | 5 KB
1 gstatic.com | fonts.gstatic.com | 23 KB
1 rollbar.com | cdn.rollbar.com — Cisco Umbrella Rank: 14046 | 24 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 311 | 208 KB
17 7
Domain Requested by
8 easternrewards.com 1 redirects easternrewards.com
cdn.rollbar.com
2 s3.amazonaws.com easternrewards.com
2 ajax.googleapis.com
2 cdnjs.cloudflare.com easternrewards.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com easternrewards.com
1 cdn.rollbar.com easternrewards.com
1 cdn.jsdelivr.net
17 8

This site contains links to these domains.

Domain
itunes.apple.com
play.google.com
fanmaker.com

Subject | Issuer | Validity | Valid
easternrewards.com | Amazon RSA 2048 M03 | 2024-10-23 - 2025-11-21 | a year
cdnjs.cloudflare.com | WE1 | 2024-09-28 - 2024-12-27 | 3 months
upload.video.google.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year
s3.amazonaws.com | Amazon RSA 2048 M01 | 2024-09-18 - 2025-09-16 | a year
cdn.rollbar.com | Amazon RSA 2048 M03 | 2024-04-11 - 2025-05-09 | a year
*.gstatic.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months

This page contains 1 frames:

Primary Page: https://easternrewards.com/welcome
Frame ID: 05FA5C50FCA6E9A56BD3DBBC729A0EAE
Requests: 17 HTTP requests in this frame

Page Title

Welcome | Eastern Rewards

Page URL History

  1. https://easternrewards.com/ HTTP 302
    https://easternrewards.com/welcome Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

2885 kB
Transfer

3839 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://easternrewards.com/ HTTP 302
    https://easternrewards.com/welcome Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request welcome
easternrewards.com/
Redirect Chain
  • https://easternrewards.com/
  • https://easternrewards.com/welcome
21 KB
8 KB
Document
General
Full URL
https://easternrewards.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.35.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-35-77.compute-1.amazonaws.com
Software
nginx/1.18.0 + Phusion Passenger(R) 6.0.23 / Phusion Passenger(R) 6.0.23
Resource Hash
380042f8cbdfc0df607bc23ba8a2c5a21135647f30f975f3fda65a4bb6b9a040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 01:59:10 GMT
link
<//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.6.1/html5shiv.js>; rel=preload; as=script; nopush,</assets/application-0e9e08f78adb4655944319687c389cdd078a58a8b357a8756bad503ffd8c467e.css>; rel=preload; as=style; nopush,<https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular.min.js>; rel=preload; as=script; nopush,<https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular-animate.js>; rel=preload; as=script; nopush,<https://cdn.jsdelivr.net/npm/@mux/mux-player>; rel=preload; as=script; nopush,</assets/application-352fc70fd69809734f2d68d3e444d683fa3624569e9ca21a601ef90098a1724e.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 + Phusion Passenger(R) 6.0.23
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.23
x-request-id
fa599d60-de65-4d3f-8965-fdd50d80e81d
x-runtime
0.495383
x-xss-protection
0

Redirect headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Thu, 24 Oct 2024 01:59:09 GMT
location
https://easternrewards.com/welcome
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 + Phusion Passenger(R) 6.0.23
status
302 Found
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.23
x-request-id
7f4e9881-6090-4301-a3bc-17644390d308
x-runtime
0.372256
x-xss-protection
0
html5shiv.js
cdnjs.cloudflare.com/ajax/libs/html5shiv/3.6.1/
2 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.6.1/html5shiv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b4798dc290f9ad0e16a62ea7500606f569133edc284090ca1e068f66e5d506
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e9e-8e2"
age
1225696
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLs%2FhGEYmWuQbb418dwv9wkLqj0kqoxCJEr%2Fm0kXMgLf%2BmsrAKzLPdfcfGRzYoV6HTPVYI8FtpRJ8WXhwQTuI7eerwBPPSkGZ6zeXb1%2FuLsnrDiBdT1lgeifT%2F2ww9Wm8sfQopkr"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 01:59:10 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 01:59:10 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:10 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d765db06f6daaaa-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
939
server
cloudflare
application-0e9e08f78adb4655944319687c389cdd078a58a8b357a8756bad503ffd8c467e.css
easternrewards.com/assets/
1 MB
1 MB
Stylesheet
General
Full URL
https://easternrewards.com/assets/application-0e9e08f78adb4655944319687c389cdd078a58a8b357a8756bad503ffd8c467e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.35.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-35-77.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed6cdd414275bfc8cd934e5b64ff79ee7e44d734b438f4c9bfb86196d38ccda7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/welcome

Response headers

accept-ranges
bytes
content-length
1533821
date
Thu, 24 Oct 2024 01:59:10 GMT
etag
"6712af84-17677d"
content-type
text/css
last-modified
Fri, 18 Oct 2024 18:57:08 GMT
server
nginx/1.18.0 (Ubuntu)
angular.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.6.1/
162 KB
57 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.33.170 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s17-in-f10.1e100.net
Software
sffe /
Resource Hash
dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/

Response headers

content-encoding
gzip
age
462013
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 17:38:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 17:38:57 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
58281
x-xss-protection
0
server
sffe
angular-animate.js
ajax.googleapis.com/ajax/libs/angularjs/1.6.1/
147 KB
38 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular-animate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.33.170 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s17-in-f10.1e100.net
Software
sffe /
Resource Hash
04182e7e7c913967bb046331eed1937ccc9f3e1fd229b122cffdcce75203203e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/

Response headers

content-encoding
gzip
age
446411
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 21:58:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:58:59 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
38386
x-xss-protection
0
server
sffe
mux-player
cdn.jsdelivr.net/npm/@mux/
831 KB
208 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@mux/mux-player
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d6e6116bdfa3cc4064540e93681d023a4b6a219691698dc212636c51dba8e785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"cfc9c-j9MF/Gf4OedDMnnIDbNOKXvVpLU"
age
36922
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 24 Oct 2024 01:59:10 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220064-FRA, cache-yyz4536-YYZ
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
212621
x-jsd-version
3.0.0
application-352fc70fd69809734f2d68d3e444d683fa3624569e9ca21a601ef90098a1724e.js
easternrewards.com/assets/
898 KB
899 KB
Script
General
Full URL
https://easternrewards.com/assets/application-352fc70fd69809734f2d68d3e444d683fa3624569e9ca21a601ef90098a1724e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.35.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-35-77.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
437c3c36935c820a190fc9191f1872bae296f72620a140d28762479d41062470

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/welcome

Response headers

accept-ranges
bytes
content-length
919195
date
Thu, 24 Oct 2024 01:59:10 GMT
etag
"6712af84-e069b"
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 18:57:08 GMT
server
nginx/1.18.0 (Ubuntu)
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/
52 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: easternrewards.com
URL: https://easternrewards.com/welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03d2a-ce35"
age
34527
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VtQnULwZGYRWMEbQSMQzcLEzNu7gKA1YspByMO7n7cwndXo1gcHcYkLx5ZZv3OmykObaz92iMLNipIx2NgpJozT3%2FCHYDjIzHe9aODAg8oCu0Jd2dWaK8gCCyI4R%2BmqzvNQeWdAI"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 01:59:10 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 01:59:10 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:04:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d765db06f6faaaa-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3279
server
cloudflare
welcome_foreground.display.png
s3.amazonaws.com/fanmaker-rewards-production/sites/373/themes/261/hud/
11 KB
11 KB
Image
General
Full URL
https://s3.amazonaws.com/fanmaker-rewards-production/sites/373/themes/261/hud/welcome_foreground.display.png?1729293245
Requested by
Host: easternrewards.com
URL: https://easternrewards.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
54.231.197.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e99b1a08bbd5f530e44242260ecc31e57c1bea1b421bef8f10dc34630f4648d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/

Response headers

x-amz-id-2
lFEE8+LpanQGS/FmVdiUEih36Qx87F7lNyKxWvZRgEVezmBB4i5pWvqAHjGaD1yO126ea4/g4HM=
ETag
"c870f484f7559186d5d4468ff27f842c"
x-amz-version-id
ayKNxZAjzzZ6L4a7QOR1yQy.Bmicl9eE
x-amz-request-id
VDP0ZYHD9S78RDDV
Accept-Ranges
bytes
Content-Length
11207
Date
Thu, 24 Oct 2024 01:59:11 GMT
Last-Modified
Fri, 18 Oct 2024 23:14:13 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
ios_app-ec63e715aa510ba8e1243eb601cc54fcf734b7e2af1a323c67ca0278d6192cc7.jpg
easternrewards.com/assets/welcome/
8 KB
8 KB
Image
General
Full URL
https://easternrewards.com/assets/welcome/ios_app-ec63e715aa510ba8e1243eb601cc54fcf734b7e2af1a323c67ca0278d6192cc7.jpg
Requested by
Host: easternrewards.com
URL: https://easternrewards.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.35.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-35-77.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5c675bcd64d6474646cbdcd19a00e4e4a817e786bbd7def1872bb011b224172a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/welcome

Response headers

accept-ranges
bytes
content-length
7811
date
Thu, 24 Oct 2024 01:59:10 GMT
etag
"6712af83-1e83"
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 18:57:07 GMT
server
nginx/1.18.0 (Ubuntu)
android_app-785ebe62584f2bd7f9ccbe653bf49fdca66cfab8ca81ae59e38f950d0872475e.jpg
easternrewards.com/assets/welcome/
7 KB
8 KB
Image
General
Full URL
https://easternrewards.com/assets/welcome/android_app-785ebe62584f2bd7f9ccbe653bf49fdca66cfab8ca81ae59e38f950d0872475e.jpg
Requested by
Host: easternrewards.com
URL: https://easternrewards.com/welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.35.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-35-77.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3a5861771c061d4a2bb3ac3902d5c291705f1ef36fd868d6e355842547409891

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/welcome

Response headers

accept-ranges
bytes
content-length
7578
date
Thu, 24 Oct 2024 01:59:10 GMT
etag
"6712af83-1d9a"
content-type
image/jpeg
last-modified
Fri, 18 Oct 2024 18:57:07 GMT
server
nginx/1.18.0 (Ubuntu)
rollbar.min.js
cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/
78 KB
24 KB
Script
General
Full URL
https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/rollbar.min.js
Requested by
Host: easternrewards.com
URL: https://easternrewards.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-86.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41764f6cf1cfa99fad12f1ee265ea0bb292761f6b15d1f5432756524854cd77f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://easternrewards.com
Referer
https://easternrewards.com/

Response headers

Content-Encoding
gzip
ETag
W/"ddf66d492e77fc149633a129f1f09c40"
Age
220325
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Bf0EarLy2fBQn6lxzdRf4_AhCjXNuFl_NJPorzkf9S5qJqtNtiNLUQ==
Date
Mon, 21 Oct 2024 12:47:11 GMT
Content-Type
application/javascript
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Last-Modified
Wed, 04 Jan 2023 20:16:53 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=30672000,public
Connection
keep-alive
Via
1.1 59e9110c0585d6ff81049f7a7fa9938e.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
JFK52-P2
Server
AmazonS3
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/
6 KB
1010 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i
Requested by
Host: easternrewards.com
URL: https://easternrewards.com/assets/application-0e9e08f78adb4655944319687c389cdd078a58a8b357a8756bad503ffd8c467e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.190.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord37s35-in-f10.1e100.net
Software
ESF /
Resource Hash
e9bfb38e54e9d71df4e60c1482e9a6d0fb8b221eca7b5ac2d568ee4a61528e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 01:59:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 01:59:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 24 Oct 2024 01:24:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
set_cookie_permissions
easternrewards.com/profile/
14 B
550 B
XHR
General
Full URL
https://easternrewards.com/profile/set_cookie_permissions
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.35.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-35-77.compute-1.amazonaws.com
Software
nginx/1.18.0 + Phusion Passenger(R) 6.0.23 / Phusion Passenger(R) 6.0.23
Resource Hash
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-CSRF-Token
ZNnK7KD-D6nbUNMQ4rc20rWhFx4HqwjOTLAQjwYMYGcoMCuqrhlmN3PrHF08rG6FQzXP0xNQSybCUKI_7xrQgQ
Referer
https://easternrewards.com/welcome
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-request-id
649892b2-9cc2-4754-914d-028d0077a452
etag
W/"7cd85494eb375cc958155aca095fd0ba"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
status
200 OK
date
Thu, 24 Oct 2024 01:59:15 GMT
content-type
application/json; charset=utf-8
vary
Accept
x-runtime
0.544913
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
x-xss-protection
0
x-powered-by
Phusion Passenger(R) 6.0.23
server
nginx/1.18.0 + Phusion Passenger(R) 6.0.23
welcome_background.display.jpg
s3.amazonaws.com/fanmaker-rewards-production/sites/373/themes/261/hud/
94 KB
94 KB
Image
General
Full URL
https://s3.amazonaws.com/fanmaker-rewards-production/sites/373/themes/261/hud/welcome_background.display.jpg?1729293245
Requested by
Host: easternrewards.com
URL: https://easternrewards.com/welcome
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
54.231.197.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
aec17ce1f20cd9ca45bdf615d34884a6e41c7de320278bb78752e287e591db87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/

Response headers

x-amz-id-2
jatXw5ByS4slgCXmk8EGgGYP+eI2EypeCjTnXj26rr/AieRZRSIa2aC5VYxLWghENCtF23RgU1k=
ETag
"d55ecf047c8b89eded130f6c92e30db6"
x-amz-version-id
5T1_FK_ocOsT6u_6NR_sIQc3vwVop5HT
x-amz-request-id
2HE8YE2NY5ZSP838
Accept-Ranges
bytes
Content-Length
96264
Date
Thu, 24 Oct 2024 01:59:16 GMT
Last-Modified
Fri, 18 Oct 2024 23:14:12 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.35 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s08-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://easternrewards.com
Referer
https://fonts.googleapis.com/

Response headers

age
452280
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 20:21:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 20:21:15 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
favicon.ico
easternrewards.com/
0
139 B
Other
General
Full URL
https://easternrewards.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.229.35.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-35-77.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://easternrewards.com/welcome

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 24 Oct 2024 01:59:15 GMT
etag
"6712ac80-0"
content-type
image/x-icon
last-modified
Fri, 18 Oct 2024 18:44:16 GMT
server
nginx/1.18.0 (Ubuntu)

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _rollbarConfig object| _rollbarShims object| Rollbar function| rollbar number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| ahoy_config string| api_token object| Ahoy object| angular function| __onGCastApiAvailable function| MuxVideoElement function| MediaDialog function| MxpDialog function| MuxPlayerElement function| t function| u function| A function| C function| y function| z function| B object| sjcl object| F object| FanMakerCookiePreferences function| $ function| jQuery object| jQuery112407769394387304058 object| PullToRefresh object| ko object| intlTelInputUtils function| moment string| prop object| Rails function| overlay function| disableButton function| enableButton function| notifyUser function| slideAlert function| sIfy function| flattenArray function| uniqArray function| calculateAge function| prettyAge function| setCache function| preloadImage function| readCache function| FanMakerOutputResult function| sdkOpenUrl function| FanMakerSDKDebugData function| fetchSDKValue function| storeSessionToken function| sendIdentifiers function| resetIdentifiers function| logoutSdkSession function| FanMakerRequestLocationAuthorization function| requestLocationAuthorization function| receiveLocationAuthorization function| FanMakerUpdateLocation function| updateLocation function| FanMakerAuthRequestCallback function| FanMakerLocationRequestIsRejected function| FanMakerAuthAndRequestWebViewLocation function| FanMakerAuthAndRequestLocation function| FanMakerReceiveLocationDefault function| FanMakerReceiveLocation function| normalizeFanMakerReturn function| FanMakerAlert function| FanMakerGuestAlert function| oneClick function| fetchProfileQr function| rewardsCardIsOpen function| openRewardsCard function| closeRewardsCard function| is_sdk_or_mobile_web function| is_sdk function| truncateString function| deliminateNumber function| handle_redirect object| Helpers object| FanMakerApi object| jsonViewData object| preferredCountries 
object| site_api object| current_api object| root_user_or_site_api string| site_id string| base_api3_url string| base_wallet_pass_api_url string| google_api_key_venues string| gears_url

1 Cookies

Domain/Path Name / Value
easternrewards.com/ Name: _rewards_hud_session
Value: fba2a853d6ec51bbb0ff172cd0531dc8

1 Console Messages

Source Level URL
Text
javascript warning URL: https://easternrewards.com/welcome
Message:
The resource https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.6.1/html5shiv.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
