urlscan.io logo urlscan.io
SecurityTrails logo

prepaidrewards.ca Open in urlscan Pro
54.84.105.126  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://prepaidrewards.ca/
Effective URL: https://prepaidrewards.ca/
Submission: On March 09 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 8 domains to perform 20 HTTP transactions. The main IP is 54.84.105.126, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is prepaidrewards.ca.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 24th 2023. Valid for: 3 months.
This is the only time prepaidrewards.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    54.84.105.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-105-126.compute-1.amazonaws.com
prepaidrewards.ca
1    2600:9000:23ca:2800:9:668:ac80:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.incommlabs.com
1    2607:f8b0:4006:823::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:823::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
7 prepaidrewards.ca
prepaidrewards.ca
410 KB
6 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 340
11 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 24
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 231
528 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
44 KB
1 incommlabs.com
assets.incommlabs.com
63 KB
20 8
Domain Requested by
7 prepaidrewards.ca 1 redirects prepaidrewards.ca
6 js-agent.newrelic.com prepaidrewards.ca
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com prepaidrewards.ca
1 bam.nr-data.net js-agent.newrelic.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com prepaidrewards.ca
1 assets.incommlabs.com prepaidrewards.ca
20 8

This site contains links to these domains. Also see Links.

Domain
windows.microsoft.com
Subject Issuer Validity Valid
prepaidrewards.ca
Amazon RSA 2048 M01		 2023-02-24 -
2023-05-20		 3 months crt.sh
assets.incommlabs.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-11-01		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://prepaidrewards.ca/
Frame ID: 357F2515B8B52A7FE8A42EA79DBAA94C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Prepaid Rewards

Page URL History Show full URLs

  1. http://prepaidrewards.ca/ HTTP 301
    https://prepaidrewards.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

1
Countries

595 kB
Transfer

1169 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prepaidrewards.ca/ HTTP 301
    https://prepaidrewards.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
prepaidrewards.ca/
Redirect Chain
  • http://prepaidrewards.ca/
  • https://prepaidrewards.ca/
41 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.105.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-105-126.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a3a3e72362e4eaa353df99de5376a4202daeddf7080e924af3dbfb3398052cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 09 Mar 2023 16:15:33 GMT
etag
W/"a3a3e72362e4eaa353df99de5376a420"
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
3ef6b05f-50a8-4314-a500-91cff8fa4c38
x-runtime
0.032452
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Thu, 09 Mar 2023 16:15:33 GMT
Location
https://prepaidrewards.ca:443/
Server
awselb/2.0
application-f09d0085584a9446d64fe84e1bdb663c6c537ea72550477b5036235eb2d3f562.css
prepaidrewards.ca/assets/ 		255 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prepaidrewards.ca/assets/application-f09d0085584a9446d64fe84e1bdb663c6c537ea72550477b5036235eb2d3f562.css
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.105.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-105-126.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e4d56505260e7e88f504688cc0b00f49c00927aeea978921d025f51aac183693

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 16:15:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Feb 2023 08:21:54 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63da2122-a88c"
content-type
text/css
cache-control
max-age=315360000, public
content-length
43148
expires
Thu, 31 Dec 2037 23:55:55 GMT
app-472d7977.css
prepaidrewards.ca/packs/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prepaidrewards.ca/packs/css/app-472d7977.css
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.105.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-105-126.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3db3e222b551846569eb7910b63be215a2bc785f61ab5a0d82a981184e884858

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 16:15:33 GMT
last-modified
Thu, 09 Mar 2023 08:22:32 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"64099748-1284"
content-length
4740
content-type
text/css
redemption-8bff04680b4eeb79bc865179b7a6e7f9313c8c85a7de240ccc5506c737d8e648.js
prepaidrewards.ca/assets/ 		293 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prepaidrewards.ca/assets/redemption-8bff04680b4eeb79bc865179b7a6e7f9313c8c85a7de240ccc5506c737d8e648.js
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.105.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-105-126.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
370bcf78c210e188f4bfab10f01237147d473be4b07cbd7b9b98634132dc7bfe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 16:15:33 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 09:54:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"636cca4e-15130"
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
86320
expires
Thu, 31 Dec 2037 23:55:55 GMT
promotion-expired-0dbab6072153faa78d0466933079449f0f435ce43321e93bcf88d88d0137a4e8.png
prepaidrewards.ca/assets/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prepaidrewards.ca/assets/promotion-expired-0dbab6072153faa78d0466933079449f0f435ce43321e93bcf88d88d0137a4e8.png
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.105.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-105-126.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a72513be060ab85baf99861e0d462ff5661f15f9db9039cf0fecdf2a76a972b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 16:15:34 GMT
last-modified
Wed, 19 Aug 2020 11:19:15 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5f3d0ab3-302c"
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
12332
expires
Thu, 31 Dec 2037 23:55:55 GMT
Generic_Break_Apart_Card_with_Barcode_and_Mag_Stripe-Fastcard_CA_249.png
assets.incommlabs.com/image_property/19550/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.incommlabs.com/image_property/19550/Generic_Break_Apart_Card_with_Barcode_and_Mag_Stripe-Fastcard_CA_249.png
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:2800:9:668:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95a787856016781b33c16c4e671b5a1bce261ab2553ed6b5a3f79649864bd823

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 16:15:35 GMT
via
1.1 33aae203c47fd9e0f18a8f3f6d37fbfc.cloudfront.net (CloudFront)
last-modified
Fri, 13 May 2022 16:37:06 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
etag
"16753dcade26585e7606238246974838"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
64311
x-amz-cf-id
vFPDLhAm-AvNSgpEFZQu9BCCWeLM6Bgb3_Bs0vZCipo_yhL2ruFUkw==
promo_microsite-e9ef495c69e05a2eda8b.js
prepaidrewards.ca/packs/js/ 		249 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prepaidrewards.ca/packs/js/promo_microsite-e9ef495c69e05a2eda8b.js
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.105.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-105-126.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6592a8d6f4e0b03d6c06e7860935d84c4d250ff4b2da4293db5ddbd6944c4cbb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 16:15:34 GMT
last-modified
Thu, 09 Mar 2023 08:22:32 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"64099748-3e36a"
content-length
254826
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1003065-42
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a0e202d510fbbe74fc4a689b14bf41b278f568764c09d8dd48ef604f32acf80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 16:15:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44803
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 15:20:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Mar 2023 16:15:34 GMT
css
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i|Open+Sans:400,400i,700,700i|Roboto:400,400i,700,700i
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/assets/application-f09d0085584a9446d64fe84e1bdb663c6c537ea72550477b5036235eb2d3f562.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ddd940bf64bae3ee9b408d5b2270a7cd2e944d14855e4ab0ecb09fb80f001bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Mar 2023 16:15:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:15:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Mar 2023 16:15:34 GMT
css
fonts.googleapis.com/ 		695 B
781 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Duru+Sans
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/assets/application-f09d0085584a9446d64fe84e1bdb663c6c537ea72550477b5036235eb2d3f562.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b206bd79d70a9e339d0b6d1db5cd4f16d855dba04cfcab2a93ff23a9beede2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Mar 2023 16:15:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 15:59:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Mar 2023 16:15:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i|Open+Sans:400,400i,700,700i|Roboto:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://prepaidrewards.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 04:26:47 GMT
x-content-type-options
nosniff
age
42527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 04:26:47 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1003065-42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 14:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5290
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 09 Mar 2023 16:47:24 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1368256674&t=pageview&_s=1&dl=https%3A%2F%2Fprepaidrewards.ca%2F&ul=en-us&de=UTF-8&dt=Prepaid%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=998334894&gjid=1676058643&cid=926452640.1678378535&tid=UA-1003065-42&_gid=926939131.1678378535&_r=1&gtm=457e3360&z=352732668
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prepaidrewards.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Mar 2023 16:15:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://prepaidrewards.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-api.6bb277af-1226.min.js
js-agent.newrelic.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.6bb277af-1226.min.js
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
UGVV8ZwcOVei2szXaq59iUl1hO_.ecPe
content-encoding
gzip
via
1.1 varnish
date
Thu, 09 Mar 2023 16:15:34 GMT
x-amz-request-id
RVDF8NA2W13SVSTW
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1094
x-amz-id-2
gpxG34Hc9he667YGuZ+FTjnkKwAporxgDGequjuWYaJcEMuvPXXOGwm3/dh747MToD+YjFl2qig=
x-served-by
cache-yul12827-YUL
last-modified
Tue, 21 Feb 2023 17:58:28 GMT
server
AmazonS3
x-timer
S1678378535.753666,VS0,VE0
etag
"dd573d973dfb2a2559befdfb616d511d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4424
lazy-loader.48127245-1226.min.js
js-agent.newrelic.com/ 		2 KB
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.48127245-1226.min.js
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
RYYlcbWqAQXd8NZu5sGHRVd.T5RkMgvi
content-encoding
gzip
via
1.1 varnish
date
Thu, 09 Mar 2023 16:15:34 GMT
x-amz-request-id
RVD57N26355BE0Y6
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
520
x-amz-id-2
Mnd9F6pumduJm4mK+rDM7kSTzk7IaltqhZz4Tw3WexMpR93Gbfq/uJrVE6E7dVOA77MZFii09zY=
x-served-by
cache-yul12827-YUL
last-modified
Tue, 21 Feb 2023 17:58:28 GMT
server
AmazonS3
x-timer
S1678378535.753757,VS0,VE0
etag
"a3759bbbd15fffd73531bda1e8166ae7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4421
118.34a59fa6-1226.min.js
js-agent.newrelic.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/118.34a59fa6-1226.min.js
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
y3DJX7IlrJ72OYul3G3TdP3MeN5PgTuf
content-encoding
gzip
via
1.1 varnish
date
Thu, 09 Mar 2023 16:15:34 GMT
x-amz-request-id
RVD6E1K68HBD1RNY
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3412
x-amz-id-2
PRihDRCA+Q/GBrZWAYbdSeoVyHgPivrzLNGk7YPeCZgHhs96tTBxaiqizXt7iU3muFt0RXROvw0=
x-served-by
cache-yul12827-YUL
last-modified
Tue, 21 Feb 2023 17:58:28 GMT
server
AmazonS3
x-timer
S1678378535.786995,VS0,VE0
etag
"9c8a05b5703a1c30e0418f9ba42337df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3609
page_view_event-aggregate.29613e65-1226.min.js
js-agent.newrelic.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1226.min.js
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
faV1t.FERNjEp970yZi7HWWi1WEMzkUP
content-encoding
gzip
via
1.1 varnish
date
Thu, 09 Mar 2023 16:15:34 GMT
x-amz-request-id
RVDFFYK22CB86MGF
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1682
x-amz-id-2
EosrkzTzCywaGogKjtnNOaE6cqplpA6YBOXNXRvfDEwk1pTiqSSeR82YJZcVaBojF2b8amNFSX4=
x-served-by
cache-yul12827-YUL
last-modified
Tue, 21 Feb 2023 17:58:28 GMT
server
AmazonS3
x-timer
S1678378535.787099,VS0,VE0
etag
"0743ee0ec30428f3654ee07d779efb64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4398
page_view_timing-aggregate.6b3fec7f-1226.min.js
js-agent.newrelic.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.6b3fec7f-1226.min.js
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b0c739b6c32edb18c9cb1f81f69d99550a1b9582333dee3dea3196732221e77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
DO9Gty5K_gvhdqVoKBcMxYBpxtUKYiFC
content-encoding
gzip
via
1.1 varnish
date
Thu, 09 Mar 2023 16:15:34 GMT
x-amz-request-id
RVD3D68C1AVAGG0E
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2226
x-amz-id-2
WLhRYx+Fl4VGakENN/De0PMKJi23qhOOnzLkvwySwAz7XLHsa28ioGX04af3GIgvqxJ9kuKKm+Q=
x-served-by
cache-yul12827-YUL
last-modified
Tue, 21 Feb 2023 17:58:28 GMT
server
AmazonS3
x-timer
S1678378535.787168,VS0,VE0
etag
"bb17c46ee7bcc843be2e73f3e5b65d46"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3600
metrics-aggregate.7dcaee1b-1226.min.js
js-agent.newrelic.com/ 		1 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.7dcaee1b-1226.min.js
Requested by
Host: prepaidrewards.ca
URL: https://prepaidrewards.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
UG0CzkEimlrXJ77FXLLaJQP0HdTD7Ej0
content-encoding
gzip
via
1.1 varnish
date
Thu, 09 Mar 2023 16:15:34 GMT
x-amz-request-id
RVD93PWY97K10631
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
730
x-amz-id-2
vIv6K4iaSXhOozYwLzpp+lx7tdZmiSpDYs2Pr2iNjLFhnqt7azgaK61TWJS0ijRifjg9GPAHBJk=
x-served-by
cache-yul12827-YUL
last-modified
Tue, 21 Feb 2023 17:58:28 GMT
server
AmazonS3
x-timer
S1678378535.787539,VS0,VE0
etag
"395608505dac1e4fbe08bd146e09f5c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4396
88424a9209
bam.nr-data.net/1/ 		49 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/88424a9209?a=17039194&v=1226.PROD&to=e15YQxFYCF5TS0pAV1xUW0cXXgtcRRYLV0U%3D&rst=1349&ck=0&s=9bebbd197c96d4aa&ref=https://prepaidrewards.ca/&ap=32&be=361&fe=855&dc=709&perf=%7B%22timing%22:%7B%22of%22:1678378533461,%22n%22:0,%22f%22:158,%22dn%22:164,%22dne%22:173,%22c%22:173,%22s%22:210,%22ce%22:244,%22rq%22:244,%22rp%22:331,%22rpe%22:333,%22dl%22:336,%22di%22:1068,%22ds%22:1068,%22de%22:1086,%22dc%22:1214,%22l%22:1214,%22le%22:1218%7D,%22navigation%22:%7B%7D%7D&fp=886&fcp=886&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1226.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prepaidrewards.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 16:15:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7a549e130ed719b6-EWR

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA function| applyMask function| removeMask function| checkIsAutoFilled function| bindPhoneNumber function| bindFormSubmitByConfirmation function| $ function| jQuery object| jQuery112403291143180273377 object| bootstrap object| dataConfirmModal function| daterangepicker object| isMobile function| setImmediate function| clearImmediate function| showPopup function| gtag object| dataLayer object| swipe_det object| ele object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
prepaidrewards.ca/ Name: _valueadd_session
Value: ZnlFUHVZbGE5K1N0T3lnNjBUQ2pKVGxHNUMwTEZRVVRYSi9SbXNEazJzWmxyOFNTWTc0U3Z2bHRhanE5TUw4OW8vOHdSUjE0Yy8vQ0hXNWtSdEkvM3RsMDlhWVBRQUM3RXNlcndzcEZkZU1naFBURk5yWnB5QVk5Wm5QRm5ORlZCYmp6SDN0N1JKWHEvTHQ3QkxXZ1F0L2tBUVhrbEYwNHJSdmt4b1oxNWFRMFVoVnBFTHJaeXptZ0JrN2R2ODdwLS11RDZmM0JjZ1M4Q3BDY1c3eWtSUFd3PT0%3D--7cb9f308bb1496cbdcdf3ed82559d0683ae12823
.prepaidrewards.ca/ Name: _ga
Value: GA1.2.926452640.1678378535
.prepaidrewards.ca/ Name: _gid
Value: GA1.2.926939131.1678378535
.prepaidrewards.ca/ Name: _gat_gtag_UA_1003065_42
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.incommlabs.com
bam.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
prepaidrewards.ca
www.google-analytics.com
www.googletagmanager.com
151.101.66.137
162.247.241.14
2600:9000:23ca:2800:9:668:ac80:93a1
2607:f8b0:4006:81d::200a
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::2008
54.84.105.126
1ddd940bf64bae3ee9b408d5b2270a7cd2e944d14855e4ab0ecb09fb80f001bb
36b206bd79d70a9e339d0b6d1db5cd4f16d855dba04cfcab2a93ff23a9beede2
370bcf78c210e188f4bfab10f01237147d473be4b07cbd7b9b98634132dc7bfe
3db3e222b551846569eb7910b63be215a2bc785f61ab5a0d82a981184e884858
4a0e202d510fbbe74fc4a689b14bf41b278f568764c09d8dd48ef604f32acf80
4b0c739b6c32edb18c9cb1f81f69d99550a1b9582333dee3dea3196732221e77
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6592a8d6f4e0b03d6c06e7860935d84c4d250ff4b2da4293db5ddbd6944c4cbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
95a787856016781b33c16c4e671b5a1bce261ab2553ed6b5a3f79649864bd823
a3a3e72362e4eaa353df99de5376a4202daeddf7080e924af3dbfb3398052cac
a72513be060ab85baf99861e0d462ff5661f15f9db9039cf0fecdf2a76a972b5
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
e4d56505260e7e88f504688cc0b00f49c00927aeea978921d025f51aac183693
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321