southwest.thecardprizes.com Open in urlscan Pro
66.29.146.45 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://echo4.bluehornet.com/ct/101269567:7d_bexo0N:m:1:3502199073:27DE18245A9ABB1975994A84AF7903B5:r
Effective URL:
https://southwest.thecardprizes.com/
Submission: On May 23 via manual (May 23rd 2022, 12:03:51 pm UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 33 HTTP transactions. The main IP is 66.29.146.45, located in United States and belongs to NAMECHEAP-NET, US. The main domain is southwest.thecardprizes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 21st 2022. Valid for: a year.

This is the only time southwest.thecardprizes.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.239.125.195 44.239.125.195	16509 (AMAZON-02) (AMAZON-02)
15	66.29.146.45 66.29.146.45	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	52.219.116.240 52.219.116.240	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:401... 2a00:1450:4014:80b::2003	15169 (GOOGLE) (GOOGLE)
1 2	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	136.243.111.146 136.243.111.146	24940 (HETZNER-AS) (HETZNER-AS)
33	8

1 44.239.125.195 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-125-195.us-west-2.compute.amazonaws.com

echo4.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 66.29.146.45 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium228-4.web-hosting.com

southwest.thecardprizes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.219.116.240 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com

s3-us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.102.253 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.stat-track.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.111.146 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.146.111.243.136.clients.your-server.de

forms.m-pages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	thecardprizes.com southwest.thecardprizes.com	217 KB
8	amazonaws.com s3-us-west-1.amazonaws.com	22 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1158	73 KB
2	m-pages.com forms.m-pages.com — Cisco Umbrella Rank: 158126	48 B
2	geolocation-db.com 1 redirects geolocation-db.com — Cisco Umbrella Rank: 22396	414 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
1	stat-track.com cdn.stat-track.com — Cisco Umbrella Rank: 144482	22 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	bluehornet.com 1 redirects echo4.bluehornet.com — Cisco Umbrella Rank: 215055	786 B
33	9

	Domain	Requested by
15	southwest.thecardprizes.com	southwest.thecardprizes.com
8	s3-us-west-1.amazonaws.com	southwest.thecardprizes.com
2	forms.m-pages.com	cdn.stat-track.com
2	geolocation-db.com	1 redirects southwest.thecardprizes.com
2	cdn.onesignal.com	southwest.thecardprizes.com cdn.onesignal.com
2	fonts.googleapis.com	southwest.thecardprizes.com
1	cdn.stat-track.com	southwest.thecardprizes.com
1	onesignal.com	cdn.onesignal.com
1	fonts.gstatic.com	fonts.googleapis.com
1	echo4.bluehornet.com	1 redirects
33	10

This site contains links to these domains. Also see Links.

Domain
v1-southwest.loyaltyprize.com
www.homedepot-reward.com

Subject Issuer	Validity	Valid
southwest.thecardprizes.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-21` - `2023-05-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.s3-us-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cdn.stat-track.com R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
*.m-pages.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-06` - `2022-10-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://southwest.thecardprizes.com/
Frame ID: 3047942CBF73FFCC7D014FF84286F4D4
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Survey Rewards

Page URL History Show full URLs

http://echo4.bluehornet.com/ct/101269567:7d_bexo0N:m:1:3502199073:27DE18245A9ABB1975994A84AF7903B5:r HTTP 302
https://southwest.thecardprizes.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

97 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

381 kB
Transfer

802 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://v1-southwest.loyaltyprize.com/?ts=5
Title: CLAIM REWARD

Search URL Search Domain Scan URL

URL: https://www.homedepot-reward.com/
Title: CLAIM REWARD

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://echo4.bluehornet.com/ct/101269567:7d_bexo0N:m:1:3502199073:27DE18245A9ABB1975994A84AF7903B5:r HTTP 302
https://southwest.thecardprizes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://geolocation-db.com/jsonp?callback=callback&_=1653307426599 HTTP 301
https://geolocation-db.com/jsonp/?callback=callback&_=1653307426599

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
southwest.thecardprizes.com/
Redirect Chain

http://echo4.bluehornet.com/ct/101269567:7d_bexo0N:m:1:3502199073:27DE18245A9ABB1975994A84AF7903B5:r
https://southwest.thecardprizes.com/

45 KB
9 KB

766ms
320ms

Document
text/html

66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: fc5f1757ea1e6e2838cd9023e186551df5ee150b4fd4b1b5bfbfa90d74cf4d2d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 9057
content-type: text/html
date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Sat, 21 May 2022 13:30:58 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 172
Content-Type: text/html; charset=utf-8
Date: Mon, 23 May 2022 12:03:45 GMT
Location: https://southwest.thecardprizes.com/
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 60ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=EB+Garamond:wght@400;500;600;700&display=swap

Requested by

Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0fad915139ba6a90ac1fc550c5e1a255039260a0706e68fdb24027dec3591047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:54:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 23 May 2022 12:03:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 May 2022 12:03:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
846 B 69ms
32ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;800&display=swap

Requested by

Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f3b11c402da137d4a7ae411ee4db67b5573d953d1b70ce5c4e5f023d1699456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 May 2022 12:03:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 23 May 2022 12:03:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 May 2022 12:03:46 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 35ms
17ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 70fda67959709299-FRA
date: Mon, 23 May 2022 12:03:46 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 160
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 26 May 2022 12:03:46 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
southwest.thecardprizes.com/assets/js/ 94 KB
32 KB 323ms
322ms Script
application/javascript 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://southwest.thecardprizes.com/assets/js/jquery-1.11.1.min.js
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
content-encoding: br
last-modified: Sat, 02 May 2020 03:56:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 32294
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 bootstrap.min.js Show response
southwest.thecardprizes.com/assets/js/ 36 KB
10 KB 324ms
323ms Script
application/javascript 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://southwest.thecardprizes.com/assets/js/bootstrap.min.js
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
content-encoding: br
last-modified: Sat, 02 May 2020 03:56:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9515
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 style.css
southwest.thecardprizes.com/assets/css/ 13 KB
3 KB 486ms
485ms Stylesheet
text/css 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://southwest.thecardprizes.com/assets/css/style.css
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 551308f470163b1888ca6f0c1e67a6ddd39333ceb3074d9f30cc8e892684a07c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
content-encoding: br
last-modified: Tue, 05 May 2020 06:05:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2980
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 wallgreen-logo.png
southwest.thecardprizes.com/assets/images/ 104 KB
104 KB 164ms
160ms Image
image/png 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/wallgreen-logo.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 076a756b79a55063f97c91584b88d3ae09507a4f8a14647960c377229446bca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Sat, 21 May 2022 07:51:18 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 106138
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H/1.1 200
OK fe6ca32090dffe1587925a705e804d4c.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ 5 KB
6 KB 649ms
177ms Image
image/png 52.219.116.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/fe6ca32090dffe1587925a705e804d4c.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.240 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 185ca93246eb49109b48da5a6294dfd930b0d9a53584a62cb4abbdfe082b1a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 12:03:48 GMT
Last-Modified: Thu, 27 Feb 2020 20:36:42 GMT
Server: AmazonS3
x-amz-request-id: M5KBC6F69HDMMTS1
ETag: "3aba8066e495b3abddc314c1f56de2f2"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5509
x-amz-id-2: alXajKsn9Oko1wx15FP+I/+j3aGWR6wGYjXUi6cKbmLTft4EUFJx4rrXrWPOJI3U7W2ybJ8bAWA=

GET
H/1.1 200
OK 96c98442d8cbe19e0a3a0f94c1ab266e.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ 5 KB
5 KB 641ms
169ms Image
image/png 52.219.116.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/96c98442d8cbe19e0a3a0f94c1ab266e.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.240 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 20eb0df91b530ba4dca5b2d6f2244da383664daf8861a5fbcc0d5d5c4818f108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 12:03:48 GMT
Last-Modified: Fri, 01 Feb 2019 05:42:47 GMT
Server: AmazonS3
x-amz-request-id: M5K3DG8EHYJWDNR4
ETag: "df6f08d1a103dfebf64cbaf8782cc3ed"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4736
x-amz-id-2: 7I+8f8gGj/vTgwvXFPDwuKAs8AjJCnO0kiSI1k9vg+OZnl86ddmVqEjN1LZCONUD2j961iKXEJo=

GET
H/1.1 200
OK 2ebdcbbe75f2e771343491a1541c83b7.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ 1 KB
2 KB 649ms
172ms Image
image/png 52.219.116.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/2ebdcbbe75f2e771343491a1541c83b7.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.240 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 12:03:48 GMT
Last-Modified: Fri, 01 Feb 2019 07:00:58 GMT
Server: AmazonS3
x-amz-request-id: M5K7W64GYX0PFTY9
ETag: "e77529aa1a83920de7897a4c5c5f9707"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1457
x-amz-id-2: 0Xv7bhQd/tYDzBe8BSmY5V+4h03RdKTyk0lsqrqapb8r5swZ4A3Z06XcWq9zv/8XFcluIw36IpA=

GET
H/1.1 200
OK 0039d2a7dcbf1a1b449884e25d738020.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ 646 B
1003 B 663ms
181ms Image
image/jpeg 52.219.116.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/0039d2a7dcbf1a1b449884e25d738020.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.240 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 12:03:48 GMT
Last-Modified: Fri, 01 Feb 2019 06:59:51 GMT
Server: AmazonS3
x-amz-request-id: M5K8ZVE21PBWZC9A
ETag: "3d0f87c98f70c57b535974b34862a8e9"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 646
x-amz-id-2: /Mbu7lmO/Xmih3Pqbe37gE1+/GWzc8mO7fSrIafnaLVM5SOHYjnWnvM3LLdB6nu0Ei/GVvzpF/M=

GET
H2 200 123123.png
southwest.thecardprizes.com/assets/images/ 22 KB
22 KB 645ms
642ms Image
image/png 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/123123.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3586a28bf89b80ab1a7545939a904468b1d3c8e4186dd0f7ebcbc6f6a08dc9e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Sat, 21 May 2022 01:09:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 22774
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H/1.1 200
OK 9227ed9e10072ce0bac69dc54109221b.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ 1 KB
1 KB 684ms
178ms Image
image/png 52.219.116.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/9227ed9e10072ce0bac69dc54109221b.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.240 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 12:03:48 GMT
Last-Modified: Fri, 01 Feb 2019 07:10:04 GMT
Server: AmazonS3
x-amz-request-id: M5K7KM89G0D3C6VH
ETag: "d9e07882a952607a31310486ff800c58"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1172
x-amz-id-2: pvgyAY5o0TZ7N13iEJvUA1xlqe4BGr6aDE/B6K3eR0rwMcR86LKEnha3/zQ0SgsClfOPorsMn+o=

GET
H/1.1 200
OK 1356b9d5b8ae09fe8e500762a6a27bfe.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ 952 B
1 KB 703ms
192ms Image
image/png 52.219.116.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/1356b9d5b8ae09fe8e500762a6a27bfe.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.240 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e0f40bcbaae14755c4ffacff4804f954f94eae6018cb6b1533aa1d975c9e0435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 12:03:48 GMT
Last-Modified: Fri, 15 Feb 2019 01:04:47 GMT
Server: AmazonS3
x-amz-request-id: M5K99C9EVF429VS9
ETag: "23673babc12fa07acb9c36128c3e6de4"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 952
x-amz-id-2: 6AuszyL51siQLfRUHcB9qwgcHeHFSBsPzarEqczH/ybO3FkaLemVa8KS0njXPDO7jh5z+Gd3ux0=

GET
H2 200 suzanne.jpg
southwest.thecardprizes.com/assets/images/ 5 KB
5 KB 646ms
643ms Image
image/jpeg 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/suzanne.jpg
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 514a53680811b3ed59feedf9231c6ae627f80c99d55b26b149ac25f5a2bbe05f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Tue, 05 May 2020 08:39:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4697
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 keith.jpg
southwest.thecardprizes.com/assets/images/ 5 KB
5 KB 647ms
644ms Image
image/jpeg 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/keith.jpg
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: f5fa888c9a6638dec6b8ae6c02475a59e0305c520edef91b0de9d83e29abc646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Tue, 05 May 2020 08:40:14 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4800
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 brandi.jpg
southwest.thecardprizes.com/assets/images/ 4 KB
5 KB 650ms
647ms Image
image/jpeg 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/brandi.jpg
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2c8b3a98377ea0fb4b122e4be1f97aae9b959362c9e009258161725e765af028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Tue, 05 May 2020 08:40:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4588
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 beulah.jpg
southwest.thecardprizes.com/assets/images/ 3 KB
3 KB 650ms
648ms Image
image/jpeg 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/beulah.jpg
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: d965558f3de7418c41d65b254cd4cd128047bfda2a6d44e66a981651db9a02c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Tue, 05 May 2020 08:40:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3290
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 wallace.jpg
southwest.thecardprizes.com/assets/images/ 5 KB
5 KB 651ms
649ms Image
image/jpeg 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/wallace.jpg
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7f4dbad6fb9e99d95703be6ab4886848e7290978a445d77911a9822f777da550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Tue, 05 May 2020 08:41:22 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4654
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 theodore.jpg
southwest.thecardprizes.com/assets/images/ 5 KB
5 KB 652ms
650ms Image
image/jpeg 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/theodore.jpg
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 18edca6a9251dd7a17d70e90ddd81827967d28e6fad55f5b8d4ecea2a11a7d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Tue, 05 May 2020 08:41:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4758
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 madeline.jpg
southwest.thecardprizes.com/assets/images/ 5 KB
5 KB 652ms
650ms Image
image/jpeg 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/madeline.jpg
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: a251541679653b1fd9046bb1110f29b538bdcb42721896b506976f428df2f5bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Tue, 05 May 2020 08:42:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5289
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H2 200 josh.jpg
southwest.thecardprizes.com/assets/images/ 4 KB
4 KB 652ms
651ms Image
image/jpeg 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://southwest.thecardprizes.com/assets/images/josh.jpg
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5fc046de3498bfda40eb6a55baf51d299f30c0d912c432586a54064eabddc7a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
last-modified: Tue, 05 May 2020 08:43:00 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4070
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H/1.1 200
OK bcf7f117acc460e9148a3031c5b6c4e4.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ 4 KB
4 KB 164ms
164ms Image
image/png 52.219.116.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/bcf7f117acc460e9148a3031c5b6c4e4.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.240 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 12:03:48 GMT
Last-Modified: Fri, 01 Feb 2019 06:08:07 GMT
Server: AmazonS3
x-amz-request-id: M5K97W327DG6SS95
ETag: "fc337800d827b2f19ea81b5ae68aa157"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3947
x-amz-id-2: w57Di6Jx5gpb9iuNzXqtQal8V6jE/ly9Qgh4QS9GCpgOPQo/ovdj7PVP17VAAJfmD0v4reh8Imo=

GET
H2 200 countdown.js Show response
southwest.thecardprizes.com/assets/js/ 497 B
496 B 162ms
162ms Script
application/javascript 66.29.146.45
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://southwest.thecardprizes.com/assets/js/countdown.js
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.146.45 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium228-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0ac816e41740bfa7bbbfcadd182df3177e0d440368d57bc4b45074f95d2caf1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
content-encoding: br
last-modified: Mon, 04 May 2020 05:36:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 262
expires: Mon, 30 May 2022 12:03:46 GMT

GET
H/1.1 200
OK d8db984df241866683db254ed868e435.png
s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/ 751 B
1 KB 171ms
169ms Image
image/jpeg 52.219.116.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/jc-content-v2-us-west/image_center/d8db984df241866683db254ed868e435.png
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.240 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 974658e055a4c9ac82e9e120a0d31b6044f57dd5abd7d8c81a48355ee49fe8c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 12:03:48 GMT
Last-Modified: Fri, 06 Sep 2019 01:10:05 GMT
Server: AmazonS3
x-amz-request-id: M5K46MR3GAS9EMA7
ETag: "93633c1bfdee90f741adbad48a20b689"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 751
x-amz-id-2: GoSfkErnHXrZsLjNUb+KEGOOCeTS4LZyL0wyGSVoUX6sHdvyWe7zA2iFuMlMbjZC2MZRwckbon0=

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 75ms
19ms Font
font/woff2 2a00:1450:4014:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://southwest.thecardprizes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 18:11:12 GMT
x-content-type-options: nosniff
age: 237154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 18:11:12 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 21ms
21ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 70fda679799c9299-FRA
date: Mon, 23 May 2022 12:03:46 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 153
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 26 May 2022 12:03:46 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/dc53ef97-cebc-4b02-acdf-23e2c30e0b71/ 5 KB
2 KB 65ms
64ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/dc53ef97-cebc-4b02-acdf-23e2c30e0b71/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f8b81c5489f34a3fac6033d2288fbe86e3ff206d95a21087262abcc20fa5d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:46 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 32
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a3c7eafb-143d-4a4d-a971-37a224f46757
x-runtime: 0.030652
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2f8b81c5489f34a3fac6033d2288fbe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 70fda679ba179299-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 23 May 2022 13:03:46 GMT

GET
H2

200

/ Show response
geolocation-db.com/jsonp/
Redirect Chain

https://geolocation-db.com/jsonp?callback=callback&_=1653307426599
https://geolocation-db.com/jsonp/?callback=callback&_=1653307426599

186 B
291 B

30ms
29ms

Script
text/html

159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/jsonp/?callback=callback&_=1653307426599
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b2f7011de6af48dcd304f5c92458f4bfe775faecbc2f941631a053d135736360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 12:03:47 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

Redirect headers

location: https://geolocation-db.com/jsonp/?callback=callback&_=1653307426599
date: Mon, 23 May 2022 12:03:47 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
H2 200 moosend-tracking.min.js Show response
cdn.stat-track.com/statics/ 73 KB
22 KB 70ms
10ms Script
text/plain 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stat-track.com/statics/moosend-tracking.min.js?ts=5511024
Requested by: Host: southwest.thecardprizes.com
URL: https://southwest.thecardprizes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d54a7b1f225f6465aafa6e0bd1fd1daeb7778827de76fde5a3c15e5566c6e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://southwest.thecardprizes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:03:47 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 08:51:40 GMT
server: AmazonS3
x-amz-request-id: PG2TR66K8VD4CWMN
etag: "dce0630c0bb3fa3a8d487ccfab5857fa"
x-hw: 1653307427.cds143.fr8.hn,1653307427.cds155.fr8.c
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3595
accept-ranges: bytes
content-length: 22438
x-amz-id-2: YaMphnvCN/5ekcloThS7Yfg8z2To68vAL5uQgRb2jTwVAlGctocEh90VtIXTuzsK6JbfvtyupNo=

OPTIONS
H2 204 c9f5b214-c414-4d42-841e-cdbd0a0e03be
forms.m-pages.com/api/forms/ 0
0 69ms
11ms Preflight 136.243.111.146
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.m-pages.com/api/forms/c9f5b214-c414-4d42-841e-cdbd0a0e03be
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.111.146 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.146.111.243.136.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://southwest.thecardprizes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 23 May 2022 12:03:47 GMT
server: Microsoft-IIS/10.0

POST
H2 500 c9f5b214-c414-4d42-841e-cdbd0a0e03be Show response
forms.m-pages.com/api/forms/ 0
48 B 72ms
72ms XHR
text/plain 136.243.111.146
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.m-pages.com/api/forms/c9f5b214-c414-4d42-841e-cdbd0a0e03be
Requested by: Host: cdn.stat-track.com
URL: https://cdn.stat-track.com/statics/moosend-tracking.min.js?ts=5511024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.111.146 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.146.111.243.136.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://southwest.thecardprizes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 23 May 2022 12:03:47 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
expires: -1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
echo4.bluehornet.com/	1970-01-20 03:25:12	Name: AWSALB Value: GkzVyzo6rqVk6lnq1XVYbFXo7TyxN0h+SNpRKd4QwHPZG7QRVessgOdzEmwMqcxW3qYtyxftHLm5k2uX7bvna6RSeVGDgRs+vNmLkuRaL/cg+9H5/5xHeiRuZP3n
southwest.thecardprizes.com/	1970-01-23 18:51:07	Name: uid Value: 55fe2a63db0241fa87770b5c3cb355d7
southwest.thecardprizes.com/	1970-01-20 03:16:33	Name: sessionid Value: 649ec5f44d0f4700bd5cfedddf3927a6
southwest.thecardprizes.com/	1969-12-31 23:59:59	Name: exitIntentFlag Value: true

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://forms.m-pages.com/api/forms/c9f5b214-c414-4d42-841e-cdbd0a0e03be Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
cdn.stat-track.com
echo4.bluehornet.com
fonts.googleapis.com
fonts.gstatic.com
forms.m-pages.com
geolocation-db.com
onesignal.com
s3-us-west-1.amazonaws.com
southwest.thecardprizes.com
136.243.111.146
151.139.128.11
159.89.102.253
2606:4700::6812:e234
2a00:1450:4001:811::200a
2a00:1450:4014:80b::2003
44.239.125.195
52.219.116.240
66.29.146.45
076a756b79a55063f97c91584b88d3ae09507a4f8a14647960c377229446bca2
0ac816e41740bfa7bbbfcadd182df3177e0d440368d57bc4b45074f95d2caf1b
0fad915139ba6a90ac1fc550c5e1a255039260a0706e68fdb24027dec3591047
185ca93246eb49109b48da5a6294dfd930b0d9a53584a62cb4abbdfe082b1a76
18edca6a9251dd7a17d70e90ddd81827967d28e6fad55f5b8d4ecea2a11a7d79
20eb0df91b530ba4dca5b2d6f2244da383664daf8861a5fbcc0d5d5c4818f108
2c8b3a98377ea0fb4b122e4be1f97aae9b959362c9e009258161725e765af028
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
2f8b81c5489f34a3fac6033d2288fbe86e3ff206d95a21087262abcc20fa5d07
3586a28bf89b80ab1a7545939a904468b1d3c8e4186dd0f7ebcbc6f6a08dc9e5
514a53680811b3ed59feedf9231c6ae627f80c99d55b26b149ac25f5a2bbe05f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
551308f470163b1888ca6f0c1e67a6ddd39333ceb3074d9f30cc8e892684a07c
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5fc046de3498bfda40eb6a55baf51d299f30c0d912c432586a54064eabddc7a7
735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7d54a7b1f225f6465aafa6e0bd1fd1daeb7778827de76fde5a3c15e5566c6e68
7f4dbad6fb9e99d95703be6ab4886848e7290978a445d77911a9822f777da550
8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e
974658e055a4c9ac82e9e120a0d31b6044f57dd5abd7d8c81a48355ee49fe8c8
9f3b11c402da137d4a7ae411ee4db67b5573d953d1b70ce5c4e5f023d1699456
a251541679653b1fd9046bb1110f29b538bdcb42721896b506976f428df2f5bf
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
b2f7011de6af48dcd304f5c92458f4bfe775faecbc2f941631a053d135736360
d965558f3de7418c41d65b254cd4cd128047bfda2a6d44e66a981651db9a02c9
e0f40bcbaae14755c4ffacff4804f954f94eae6018cb6b1533aa1d975c9e0435
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5fa888c9a6638dec6b8ae6c02475a59e0305c520edef91b0de9d83e29abc646
fc5f1757ea1e6e2838cd9023e186551df5ee150b4fd4b1b5bfbfa90d74cf4d2d

southwest.thecardprizes.com Open in urlscan Pro 66.29.146.45 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

97 %HTTPS

33 %IPv6

9 Domains

10 Subdomains

8 IPs

3 Countries

381 kBTransfer

802 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

southwest.thecardprizes.com Open in urlscan Pro
66.29.146.45 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

97 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

381 kB
Transfer

802 kB
Size

4
Cookies

33 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!