urlscan.io logo urlscan.io
SecurityTrails logo

rewards.pldthome.com Open in urlscan Pro
107.178.248.103  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pldthome.info/rewards2302
Effective URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EX...
Submission: On August 23 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 107.178.248.103, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rewards.pldthome.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 6th 2023. Valid for: a year.
This is the only time rewards.pldthome.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.12 396982 (GOOGLE-CL...)
28 107.178.248.103 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
29 2
Apex Domain
Subdomains		 Transfer
28 pldthome.com
rewards.pldthome.com
2 MB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
959 B
1 pldthome.info
pldthome.info
556 B
29 3
Domain Requested by
28 rewards.pldthome.com rewards.pldthome.com
1 fonts.googleapis.com rewards.pldthome.com
1 pldthome.info 1 redirects
29 3

This site contains links to these domains. Also see Links.

Domain
pldthome.com
Subject Issuer Validity Valid
*.pldthome.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Frame ID: 0D0A28D9FE7E9BA44730FC293E220D4E
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PLDT

Page URL History Show full URLs

  1. http://pldthome.info/rewards2302 HTTP 302
    https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN... Page URL
  2. https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

29
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1969 kB
Transfer

2686 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pldthome.info/rewards2302 HTTP 302
    https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING Page URL
  2. https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pldthome.info/rewards2302 HTTP 302
  • https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
rewards.pldthome.com/
Redirect Chain
  • http://pldthome.info/rewards2302
  • https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
42 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
e7f02be0cc711559f15e0d38d89b6d02e66a23b6f42cd6c809c654d72da4336b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
clear
cache-control
no-cache, private, no-transform, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 23 Aug 2023 00:52:39 GMT
expires
Thu, 01 Jan 1970 00:01:48 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
rhino-core-shield
vary
Accept-Encoding
via
1.1 google

Redirect headers

Cache-Control
private, max-age=90
Content-Length
230
Content-Security-Policy
referrer always;
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Aug 2023 00:52:35 GMT
Location
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Referrer-Policy
unsafe-url
Server
nginx
Strict-Transport-Security
max-age=1209600
Via
1.1 google
GhHY1F6XmAyh8dQoxajRYRb75xTmz79w
rewards.pldthome.com/7060ac19f50208cbb6b45328ef94140a612ee92387e015594234077b4d1e64f1/ 		281 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/7060ac19f50208cbb6b45328ef94140a612ee92387e015594234077b4d1e64f1/GhHY1F6XmAyh8dQoxajRYRb75xTmz79w
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash

Request headers

Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
x-zebra-wN8NP3L7
YjFlMWQ3MDUwMzZlOTlkYzU3NDM5Yjk0MjhkZGJkNDdjOTRlZmRkYTskKGhhc2gpO194Y2FsYyhhcmd1bWVudHMuY2FsbGUpOzA7JChoYXNoKTtfeGNhbGMoYXJndW1lbnRzLmNhbGxlKTstMTQ4MTQ4MTQ2ODA7JChoYXNoKTtfeGNhbGMoYXJndW1lbnRzLmNhbGxlKTtkaXNhYmxlZDskKGhhc2gpO194Y2FsYyhhcmd1bWVudHMuY2FsbGUpO0RFQ1hMYU8wVXl2Q0VQMU82dlJ5d1gvbFVHTzBqQlFLVmhRV2h2akVnU24yQ2dzVjFqZkJCamZZTW1Cdi9qZzYyeGdrVUtKUlNtNnllZURFc1ZUMzczdHhJdmdUb2pCRHNoajhlZGdwbUpMVkMvYXVHeGZYMlJ6eU00Vjl0dGIzNnlkMDNNRXJxNTdseGdGOVR2VzRVajY1cXc2NHdjM2pvN1EzSWEyUXhrTmN1d3dNSkNFaHNEYnNJM0svN3Zud2d2bmV2eGlaS2RzUFVzWjRSdHdRVXV1QnBkdm04TG9heW5mbVZianlXaWc9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Aug 2023 00:52:39 GMT
via
1.1 google
server
rhino-core-shield
alt-svc
clear
content-type
application/octet-stream
/
rewards.pldthome.com/8d47-ffc3-0f63-4b3c-c5c9-5699-6d5b-3a1f/d/ 		11 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/8d47-ffc3-0f63-4b3c-c5c9-5699-6d5b-3a1f/d/
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash

Request headers

Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Aug 2023 00:52:39 GMT
content-encoding
gzip
via
1.1 google
server
rhino-core-shield
alt-svc
clear
vary
Accept-Encoding
content-type
text/plain
Primary Request login
rewards.pldthome.com/ 		15 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield / PHP/8.0.27
Resource Hash
5f51920ebd5ec95c065d2be94758d220662785d898d705f307bb4ce1083ed746
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.pldthome.com https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN SAMEORIGIN, ALLOW FROM https://*.pldthome.com https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type, Authorization, X-XSRF-TOKEN
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://staging.rewards.pldthome.com/
alt-svc
clear
cache-control
no-cache, private
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://*.pldthome.com https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com
content-type
text/html; charset=UTF-8
date
Wed, 23 Aug 2023 00:52:40 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS"
server
rhino-core-shield
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 google
x-frame-options
SAMEORIGIN SAMEORIGIN, ALLOW FROM https://*.pldthome.com https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com
x-powered-by
PHP/8.0.27
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 23 Aug 2023 00:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 00:36:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Aug 2023 00:52:40 GMT
bootstrap.min.css
rewards.pldthome.com/lib/bootstrap/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/bootstrap/css/bootstrap.min.css
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:38 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"22688-5fc051140716c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
alt-svc
clear
pldt-common.css
rewards.pldthome.com/dist/css/ 		68 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
5282352c6f5fa58c7c1af30826fbd20891258f4d0adc0913ce4ee70fe6c2fc6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"10fbe-5fc05113e1009"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
alt-svc
clear
guest.css
rewards.pldthome.com/dist/css/ 		895 B
978 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/dist/css/guest.css?v=1.1
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
046c7e08fd9d187f5e5a635c92c12a638888d08b34d78f6de5034e5c13e87437
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"37f-5fc05113e1009"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
alt-svc
clear
content-length
895
allinone_contentSlider.min.css
rewards.pldthome.com/lib/allinone/ 		34 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/allinone/allinone_contentSlider.min.css
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
4332e76d657c33bce82d22c2c2d88ec93793a6c6ae353e1da2696df81a1613d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"88ea-5fc051140040c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
alt-svc
clear
loginpldt.css
rewards.pldthome.com/dist/css/ 		698 B
785 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/dist/css/loginpldt.css?v=1.1
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
7ef9e871c29e1cd839344aebfd4871bbfd7787ac27bcaec720b75112d5bcb41e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"2ba-5fc05113e1009"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
alt-svc
clear
content-length
698
jquery.js
rewards.pldthome.com/lib/jquery-ui/external/jquery/ 		282 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/jquery-ui/external/jquery/jquery.js
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:38 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"46744-5fc051140b3d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
manda.js
rewards.pldthome.com/dist/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/dist/js/manda.js?v=1.1
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
5fe671a653c272584a1ae9a8592cce93a8915cffd2097d26315346935036d846
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"e5d-5fc05113e71b1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
jquery.form.js
rewards.pldthome.com/lib/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/jquery.form.js
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
800c1c83a86f7fe665ac6d49c6370e2f045f70f5c7859ef4a0e686b4759e46b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:38 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"9944-5fc051140c75d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
bootstrap.min.js
rewards.pldthome.com/lib/bootstrap/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/bootstrap/js/bootstrap.min.js
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:38 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"c75f-5fc051140987c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
jquery-ui.min.js
rewards.pldthome.com/lib/jquery-ui/ 		249 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/jquery-ui/jquery-ui.min.js
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:38 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"3e46c-5fc051140c375"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
bootstrap-password-toggler.min.js
rewards.pldthome.com/lib/bootstrap/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/bootstrap/js/bootstrap-password-toggler.min.js
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
e1e9cbfd4f001d13a832b7b2c90d2a050ad40282bbd616f3536bf1cd4a6e6504
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:38 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"dc3-5fc051140716c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
jquery.touchSwipe.min.js
rewards.pldthome.com/lib/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/jquery.touchSwipe.min.js
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:38 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"4fce-5fc051140c75d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
allinone_contentSlider.js
rewards.pldthome.com/lib/allinone/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/lib/allinone/allinone_contentSlider.js
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
136e0a9ccf17a58eb22abb2db9c1f91bc7884884f234a0ed64f7098f5c859dff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"4096-5fc051140040c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
login.js
rewards.pldthome.com/dist/pldt/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/dist/pldt/login.js?v=1.8
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
bca3c92b5ef0ef6ea7cb7d836bae7e7a704296c7922f9ca19c18e2eeb0c4ed65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 07:00:26 GMT
server
rhino-core-shield
via
1.1 google
etag
W/"4efe-5fd98ce9c06d2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
clear
header-ribbon.png
rewards.pldthome.com/dist/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rewards.pldthome.com/dist/images/header-ribbon.png
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
3c474a7934c76b3298f0667da8c836c1c6611ec1d68262df00ec090e6588a883
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"48de-5fc05113e5a41"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
18654
pldthome.png
rewards.pldthome.com/images/home/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rewards.pldthome.com/images/home/pldthome.png
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
f17ae4506c19a4a486a76710bb6dc955b7a17ad5f183e71535c23312583bf6d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"2958-5fc05113f311a"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
10584
fontawesome-webfont.woff2
rewards.pldthome.com/dist/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/dist/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
Origin
https://rewards.pldthome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"12d68-5fc05113e5271"
x-frame-options
SAMEORIGIN
accept-ranges
bytes
alt-svc
clear
content-length
77160
SourceSansPro-Bold.otf
rewards.pldthome.com/dist/fonts/ 		230 KB
230 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/dist/fonts/SourceSansPro-Bold.otf
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
9b8bd174f97413334e317be808d14d0ff8f6efed79a69299d84384c7e10e9312
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
Origin
https://rewards.pldthome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"39678-5fc05113e2779"
x-frame-options
SAMEORIGIN
content-type
application/vnd.oasis.opendocument.formula-template
accept-ranges
bytes
alt-svc
clear
content-length
235128
SourceSansPro-Semibold.otf
rewards.pldthome.com/dist/fonts/ 		227 KB
228 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/dist/fonts/SourceSansPro-Semibold.otf
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
ee3ba5c88400b22b880d85202ce82143dc5e19861bf7880b7f4c32d4263e96d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rewards.pldthome.com/dist/css/pldt-common.css?v=3
Origin
https://rewards.pldthome.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"38ce8-5fc05113e42d1"
x-frame-options
SAMEORIGIN
content-type
application/vnd.oasis.opendocument.formula-template
accept-ranges
bytes
alt-svc
clear
content-length
232680
getAllSlides
rewards.pldthome.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rewards.pldthome.com/getAllSlides
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/lib/jquery-ui/external/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield / PHP/8.0.27
Resource Hash
77d493acca0e0d53c8c8dc0168de950a52c78dd4a07ddfda057c9ff407572af2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.pldthome.com https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN, ALLOW FROM https://*.pldthome.com https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
X-CSRF-TOKEN
k37gYv3i8UhYPCj8og62PxfZURX6ZWW6F9gWOtKF
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://*.pldthome.com https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com
via
1.1 google
x-powered-by
PHP/8.0.27
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS"
alt-svc
clear
x-xss-protection
1; mode=block
server
rhino-core-shield
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN, ALLOW FROM https://*.pldthome.com https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com
content-type
application/json
access-control-allow-origin
https://staging.rewards.pldthome.com/
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control
no-cache, private
access-control-allow-headers
Content-Type, Authorization, X-XSRF-TOKEN
play_overOFF.png
rewards.pldthome.com/lib/allinone/skins/imposing/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rewards.pldthome.com/lib/allinone/skins/imposing/play_overOFF.png
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/lib/allinone/allinone_contentSlider.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
3700d86a8bd57e936fdad0c01ff1a2e4ca7bfc4fe2b3bcb84933e5af0ee39b8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/lib/allinone/allinone_contentSlider.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"10c8-5fc05114007f4"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
4296
leftNavOFF.png
rewards.pldthome.com/lib/allinone/skins/imposing/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rewards.pldthome.com/lib/allinone/skins/imposing/leftNavOFF.png
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/lib/allinone/allinone_contentSlider.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
a9364bbdd251e3ea21e257ef35647df1df5f4d27280d651f6e111a63c9722c98
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/lib/allinone/allinone_contentSlider.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"782-5fc05114007f4"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
1922
bottomNavOFF.png
rewards.pldthome.com/lib/allinone/skins/imposing/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rewards.pldthome.com/lib/allinone/skins/imposing/bottomNavOFF.png
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/lib/allinone/allinone_contentSlider.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
26539c9cfa966d7d9791c2c23a51083a495a190f3331b4f4e1d57a8bb7191046
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/lib/allinone/allinone_contentSlider.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Fri, 19 May 2023 05:19:37 GMT
server
rhino-core-shield
etag
"4a9-5fc05114007f4"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
1193
d-1686184021.jpg
rewards.pldthome.com/images/sliders/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rewards.pldthome.com/images/sliders/d-1686184021.jpg
Requested by
Host: rewards.pldthome.com
URL: https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.248.178.107.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
219fe8c20d41836dbca20b92c88d323299bcdcda57d171982f668b85c91105e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rewards.pldthome.com/login?utm_source=CML&utm_medium=SMS&utm_campaign=HR_EARN&utm_content=HR_EARN_AUG23_NEWREWARDS_EXISTING
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 00:52:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 google
last-modified
Thu, 08 Jun 2023 00:27:01 GMT
server
rhino-core-shield
etag
"11b34d-5fd934fa6df19"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
1160013

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| URL_JS string| URL_CSS string| URL_IMAGES string| MVP_SLIDER_URL string| GET_ALL_SLIDES_API function| $ function| jQuery object| _0x4a51 function| _0x4241 object| bootstrap object| ACTIVE_PARTNERS object| smartPldtPartners string| href undefined| notificationContainerNav boolean| isMobile string| userAgent boolean| isTablet function| getAllSlides function| processSlider function| renderSliderToUl function| initializeDefaultSlider undefined| dateString undefined| now object| object function| clearStorage function| clearStorage1 function| clearStorageEnrolled function| checkSessionTime object| cities function| getCities object| notifs function| getNotifications function| updateNotification function| initializeLazadaLink function| getBrowserDetail object| UtilsCMS function| applyTemplate function| isDefined function| isEmpty function| isDefinedAndNotEmpty function| pluck function| numberWithCommas function| truncateText function| validateEmail function| shuffle function| restApiCallGET function| restApiCallPOST function| toggleLoadingButton function| showSuccessMessage function| showErrorMessage function| ajaxSubscriberFormApi function| showMessageFields function| renderLeftDetails function| MD5 function| M function| X function| V function| Y function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol function| deleteCookie number| responsiveWidth number| responsiveHeight object| currentText_arr

5 Cookies

Domain/Path Name / Value
.pldthome.info/ Name: _bit
Value: n7n0Qz-c815a7377146f85d2a-00u
.rewards.pldthome.com/ Name: rbzid
Value: DECXLaO0UyvCEP1O6vRywX/lUGO0jBQKVhQWhvjEgSn2CgsV1jfBBjfYMmBv/jg62xgkUKJRSm6yeeDEsVT373txIvgTojBDshj8edgpmJLVC/auGxfX2RzyM4V9ttb36yd03MErq57lxgF9TvW4Uj65qw64wc3jo7Q3Ia2QxkNcuwwMJCEhsDbsI3K/7vnwSHJI8H8ceBXQVTSa4QxM4r5OsBhjJ21mJF34CA42FcWUeVIdURenqS/cOJaMW6J+wBOocZvQjCl3D4Zp/lZ+wQ==
.rewards.pldthome.com/ Name: rbzsessionid
Value: 4270b70110b1bb8025e381037b8ca4e4
rewards.pldthome.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IktLaUt6OFBTQUlLTHp5a0dhT1YwYmc9PSIsInZhbHVlIjoic3A5dm1sR2g3Y2JZcTdKME1jc2ZMcHN3OTFOd3R3MHlQZ2FGRnRnemYxUUpUWmZmQkhyMGFPTWJVZE1PQjA2Z3JhV3BHTnIxUThWVTRvYTAveXFqUTZVVzlWK3lwMnNVT0lIVXE5UlVmYnd4NEt0VTBNaTI3Y0g0b3BFY0lreDYiLCJtYWMiOiI4YWViZTM2MjkwYjcyMjA1Njc5NzZlNzMzN2FlYTdkMzQxNDU1OWRkZGY3ZTJmNWVkMTBiNTk2N2VmNGNhMThkIiwidGFnIjoiIn0%3D
rewards.pldthome.com/ Name: pldt_session
Value: eyJpdiI6IkZxVkpNcDVzY1hIZFFWVVFGMWdvSUE9PSIsInZhbHVlIjoidGZ3NDJOcHpTbnhzeWd0dmhkTjZMMVJib1ROeWNGeTl6bUlCTnpVc0VkQ1UwQmdMaUJJOFJrcGJZQ3VaNDFmRHRsWVdJTHE3RC9qZDF0Z0V1ckhoRndVU3VvUWlGZlRNWUxRKzFnN1k5OFZueHM3QkJ5R1dCUzNKcFE3U3lvVW0iLCJtYWMiOiJmOGI0OTAyY2I3ZjM1YmMwNjgyNjI4ZGRiOTYzMjE4ZmE4MmFmZjczNGZjYzBjZjMyMjVmNTIyMWRkNjdhYWFkIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
pldthome.info
rewards.pldthome.com
107.178.248.103
2a00:1450:4001:828::200a
67.199.248.12
046c7e08fd9d187f5e5a635c92c12a638888d08b34d78f6de5034e5c13e87437
136e0a9ccf17a58eb22abb2db9c1f91bc7884884f234a0ed64f7098f5c859dff
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
219fe8c20d41836dbca20b92c88d323299bcdcda57d171982f668b85c91105e4
26539c9cfa966d7d9791c2c23a51083a495a190f3331b4f4e1d57a8bb7191046
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3700d86a8bd57e936fdad0c01ff1a2e4ca7bfc4fe2b3bcb84933e5af0ee39b8d
3c474a7934c76b3298f0667da8c836c1c6611ec1d68262df00ec090e6588a883
4332e76d657c33bce82d22c2c2d88ec93793a6c6ae353e1da2696df81a1613d3
5282352c6f5fa58c7c1af30826fbd20891258f4d0adc0913ce4ee70fe6c2fc6d
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5f51920ebd5ec95c065d2be94758d220662785d898d705f307bb4ce1083ed746
5fe671a653c272584a1ae9a8592cce93a8915cffd2097d26315346935036d846
77d493acca0e0d53c8c8dc0168de950a52c78dd4a07ddfda057c9ff407572af2
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7ef9e871c29e1cd839344aebfd4871bbfd7787ac27bcaec720b75112d5bcb41e
800c1c83a86f7fe665ac6d49c6370e2f045f70f5c7859ef4a0e686b4759e46b3
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9b8bd174f97413334e317be808d14d0ff8f6efed79a69299d84384c7e10e9312
a9364bbdd251e3ea21e257ef35647df1df5f4d27280d651f6e111a63c9722c98
acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8
bca3c92b5ef0ef6ea7cb7d836bae7e7a704296c7922f9ca19c18e2eeb0c4ed65
e1e9cbfd4f001d13a832b7b2c90d2a050ad40282bbd616f3536bf1cd4a6e6504
e7f02be0cc711559f15e0d38d89b6d02e66a23b6f42cd6c809c654d72da4336b
ee3ba5c88400b22b880d85202ce82143dc5e19861bf7880b7f4c32d4263e96d5
f17ae4506c19a4a486a76710bb6dc955b7a17ad5f183e71535c23312583bf6d5