| ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4= | 52.2.48.141 | 502 Bad Gateway | 0 B |
URL: User Request GET HTTP/1.1 ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4=
IP: 52.2.48.141:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.ratrck.com; Fingerprint: 85:F5:DB:D6:62:0F:0B:1F:0F:BA:83:44:8D:82:C8:DC:4F:4A:41:8C; Validity: Sat, 19 Aug 2023 04:44:19 GMT - Thu, 19 Sep 2024 04:44:18 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4= HTTP/1.1
Host: ratrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 502 Bad Gateway
Date: Fri, 26 Apr 2024 11:35:16 GMT
Content-Length: 0
Connection: close
|
|
| ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4= | 52.2.48.141 | 502 Bad Gateway | 306 B |
URL: User Request GET HTTP/1.1 ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4=
IP: 52.2.48.141:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.ratrck.com; Fingerprint: 85:F5:DB:D6:62:0F:0B:1F:0F:BA:83:44:8D:82:C8:DC:4F:4A:41:8C; Validity: Sat, 19 Aug 2023 04:44:19 GMT - Thu, 19 Sep 2024 04:44:18 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 8269b79bac4d1bd8889e17ca64b65107 9bead33b8f1d70b4a5bca2036e487e5750ff75e3 2cfc65ed4fcc67b09baff0096de91251c78ea13af28f0080f429f051a9c62fae
GET /?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4= HTTP/1.1
Host: ratrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
cache-control: private
content-type: text/html; charset=utf-8
date: Fri, 26 Apr 2024 11:35:20 GMT
location: https://ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4=&ckmguid=ffde400b-b790-4273-b643-bc80964f89c5
content-length: 306
|
|
| ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4=&ckmguid=ffde400b-b790-4273-b643-bc80964f89c5 | 52.2.48.141 | 302 Found | 407 B |
URL: User Request GET HTTP/1.1 ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4=&ckmguid=ffde400b-b790-4273-b643-bc80964f89c5
IP: 52.2.48.141:443
Certificate Issuer: GlobalSign nv-sa; Subject: *.ratrck.com; Fingerprint: 85:F5:DB:D6:62:0F:0B:1F:0F:BA:83:44:8D:82:C8:DC:4F:4A:41:8C; Validity: Sat, 19 Aug 2023 04:44:19 GMT - Thu, 19 Sep 2024 04:44:18 GMT
File type: HTML document, ASCII text, with very long lines (335), with CRLF line terminators
Hash: 6ddc7bc24c51333fcf9e6a57590dcc2b cc24a6057479fa44d262e2f78fbf947372988d62 31059eb775b7509dfe8222cb76278b84d8d3972f776e6d4cfcb823b0f0993200
GET /?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4=&ckmguid=ffde400b-b790-4273-b643-bc80964f89c5 HTTP/1.1
Host: ratrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 407
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Apr 2024 11:35:20 GMT
Location: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=8dcNZUrNkemhmzflmmbCZrk7c8B6SUxqi9PJhSHRJGuEaTJsGRD1Pg==; domain=.ratrck.com; path=/; SameSite=None; secure; HttpOnly
trk=fMmeqOby7HJGtGu1UwVWMrk7c8B6SUxqi9PJhSHRJGuEaTJsGRD1Pg==; domain=.ratrck.com; expires=Sun, 26-Apr-2026 11:35:21 GMT; path=/; SameSite=None; secure; HttpOnly
c212838=8dcNZUrNkemZlr1elJ4sadQGRd0iHuMuKCxZHElIZvWMbYvq1KAzWZYAycKY8azs; domain=.ratrck.com; expires=Sun, 26-May-2024 11:35:21 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit | 104.17.3.184 | | 14 kB |
URL: challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit
IP: 104.17.3.184:0
File type: JavaScript source, ASCII text, with very long lines (42414)
Hash: f94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js?onload=ZbqNq8&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 11:35:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644db2e1ab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6hgto/0x4AAAAAAADnOjc0PNeA8qVm/light/normal | 104.17.3.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6hgto/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: 21ca7f9efa2d5b39aedf29ea360e2fc0 ae1680a639ac6f4fdb49dae68c95a7886aebb47a 7cbc622d5f9344591acd97a0da19fbf43d218344174b4ed9f5eea2a18b898fb6
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6hgto/0x4AAAAAAADnOjc0PNeA8qVm/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:22 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
document-policy: js-profiling
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy: cross-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
vary: accept-encoding
server: cloudflare
cf-ray: 87a644dcba0056ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a644dcba0056ca/1714131322823/WupCv7nos2hmokh | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a644dcba0056ca/1714131322823/WupCv7nos2hmokh
IP: 104.17.3.184:0
File type: PNG image data, 27 x 58, 8-bit/color RGB, non-interlaced
Hash: 364d382a2296fba8edde6b578fc98da0 67661cd49c0d7c47fc7cecac12769e45b3de186a fdaffb73b5972c3a3e3cabd1334b540273849a1297535dbbbd8a3fc1d61d25b4
GET /cdn-cgi/challenge-platform/h/b/i/87a644dcba0056ca/1714131322823/WupCv7nos2hmokh HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6hgto/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:24 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87a644e7cd7d56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/image3.png | 172.67.193.235 | 200 OK | 206 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/image3.png
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: PNG image data, 750 x 656, 8-bit colormap, non-interlaced
Size: 206 kB (206233 bytes)
Hash: 3147b4bd6ee65307574f07a038c64466 b67f67da18f0ee88bc0132d0f342321f395c0051 0ae08f10cd825085962b6efc1da7b7b4485bf08f109ea12505b70d62ca87539e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /CampImg/13069/image3.png HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/png
content-length: 206233
last-modified: Mon, 01 Jul 2019 20:11:23 GMT
etag: "7e7a7f274930d51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 33
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLp6u1SWUfdJg2o5%2BgC9CXE9R%2BSgDhYBC5HFMjf6FBH97ZWt8%2B2IH6rsBmHyiuZApd5QMq%2Fid3OjLlfKd0a3ykl5gM8J%2BpCVF44GZ9F%2FK4S%2FtDOdS%2BRXFZ6e07ayHgpTaN%2BftjGgX1tXUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644f04ca15694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Muli:300,400,600,700,800,900 | 142.250.74.106 | 200 OK | 89 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Muli:300,400,600,700,800,900
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression
Hash: 47ae4d174414fb33e3de6d48c1fcce37 a050be7121d9d560cacf0a66a72234666d29a6a9 800fc749d7055a415af4a1ac1f9cecf7a74078c8ab4c89a1309d6b1d0fc5a553
GET /css?family=Muli:300,400,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:35:25 GMT
date: Fri, 26 Apr 2024 11:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/JS/jquery.autotab.js | 172.67.193.235 | 200 OK | 18 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/jquery.autotab.js
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 09a4820a206e5bba1fa0e585deb93811 bd2a6ffaf9c19bd76bed51c667a5332a105e1dcf d0401ccef3aad28475290a3540dcbf35cf798e414d9b6cc612dba8731bd0ea51
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /JS/jquery.autotab.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: application/javascript
last-modified: Mon, 17 Mar 2014 14:18:05 GMT
etag: W/"808c61b6eb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0BGsJ1GfLRGFCWJAnUcqzHoCjMSMmhK%2FzISKV3ctISIDNAZR%2BDwF%2ByVYsQi10RcnzlDJkRf7WxMzup2eeXJfyolD6AYH50h4Dfd3tDQ4dRC6O0ngUOleTExksWkrv9i5qx4XITWMwivTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edcf305694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.163 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:14:40 GMT
expires: Sat, 26 Apr 2025 06:14:40 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 19245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.163 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:14:40 GMT
expires: Sat, 26 Apr 2025 06:14:40 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 19245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.cdn925.com/CampImg/13069/uplevels/uplevelslogo.svg | 104.16.246.135 | 403 Forbidden | 16 kB |
URL: GET HTTP/2 www.cdn925.com/CampImg/13069/uplevels/uplevelslogo.svg
IP: 104.16.246.135:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Let's Encrypt; Subject: cdn925.com; Fingerprint: F9:CD:4C:2E:5E:7B:1C:63:CD:25:48:7B:49:80:65:DA:9E:52:6B:48; Validity: Tue, 02 Apr 2024 00:46:24 GMT - Mon, 01 Jul 2024 00:46:23 GMT
File type: gzip compressed data, from Unix
Hash: e6cd5c81c8704ed4c5487ecead99900b d3a25659854e70fc73a8b6cb12f809d469b438ac 7663cfa9e6d6062a22b70b22d5e4ec9a43802cba652b1ea0937bf656bc657473
GET /CampImg/13069/uplevels/uplevelslogo.svg HTTP/1.1
Host: www.cdn925.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: E9rOPOpmb2PDHY0SL6HPOzYsQAa/tuug/W+doqsxail7nVkuW0LOQkSPrTzOA8R9CAaYpR1kx65GJuBI65VoxtAwFJYSR/J5blNcP1o9AQw=$C0I4LfoSoiiIXVG44RKTiA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=soF0pTgkEhBdH.RwI9DTSnlNGrQsH8kAyTj7P8LoTGM-1714131325-1.0.1.1-eQ1pwp7pRv_d8KptsXYf6u7SWdvvcizKl42.Aka1lVAvXoUMvuwX2wch0C3Sa9pp5y2E22EWdqrek4p8F520.A; path=/; expires=Fri, 26-Apr-24 12:05:25 GMT; domain=.cdn925.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644ee1c2c0b61-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/deals_icon_pk.svg | 172.67.193.235 | 200 OK | 9.3 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/deals_icon_pk.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 44c6e206fc038a6ca2b18c39f9959716 5a359c9785e3f82f5bc610bc07fb21ada6f01bf7 2de06aa353a90804e6541efad419634bb6b4c9332706cc79ce95ed2889e0fa24
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /CampImg/13069/assets/deals_icon_pk.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Feb 2020 19:52:49 GMT
etag: W/"80fe2f2815ecd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IyNO17FQRT%2FygOXJjS4WJqyha6gtYBkRT%2B1qEOGRcVX%2FghTTqJRBx5ei1ZBE8ov8uzr3oWxj%2B1hKo8KgAXfsv6T4sYJqcquBYKnkBANDL4enjxkxa6%2BlqEEG4tG%2Fdq62fxJa24ZqEnSsqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644eddf515694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900&display=swap | 142.250.74.106 | 200 OK | 18 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900&display=swap
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression
Hash: a663fe294b7b8f9f53c2ce85c84fa70d 481e1b7688f37e7e387c7058c39c66eda9590d0f fc0dd6facd88db59f27c16fccf2d3527e95781150bf1bf4c8f846b98b8f5eb93
GET /css?family=Poppins:300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:35:25 GMT
date: Fri, 26 Apr 2024 11:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/lvl/surveyoffers-icon.svg | 172.67.193.235 | 200 OK | 9.3 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/lvl/surveyoffers-icon.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 7f94714f36a90e64448908db7ec24b92 8834ef125e6c9d13939f92c9e3c550364cf18a6e e0d1538887d4a8d2856d3ba1e79c09485e312eb98afb772dc80e295090590bd8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /CampImg/13069/assets/lvl/surveyoffers-icon.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 31 Aug 2021 16:32:06 GMT
etag: W/"0c76fbc859ed71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BtcxwQo%2FOJ8Y8wNK%2B2X%2BJrdmwvkWM3pV%2FjPPDW9YK2odb2rKGyDlF%2FPRPcuqZlTDauvn0O%2BdV42UFN9I47RpxmXh23vj5HVB6Y%2B0L49JmMPCSGatPGm%2BQ%2BuyJ%2F758jwXYnAHDdMNTEh4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644eddf4f5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7840, version 1.0
Hash: 8d91ec1ca2d8b56640a47117e313a3e9 a9e9bafe64666f4595051a0e895b47a5fa39e67e 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:50:53 GMT
expires: Sat, 26 Apr 2025 05:50:53 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
content-type: font/woff2
age: 20672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&display=swap | 142.250.74.106 | 200 OK | 9.7 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&display=swap IP142.250.74.106:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typegzip compressed data, max compression Hash53d6d6f2a2bc03c43021d430afc7d15c 975e78ed201163db4a862e58ff9d42dff150018e 0ad0a32d376bda853dbadf570fd8e5ea1de5c2e2c5b7b82ea8ab13faa53e5b22
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:35:25 GMT
date: Fri, 26 Apr 2024 11:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.7 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 IP142.250.74.163:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7748, version 1.0 Hasha09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:19:23 GMT
expires: Sat, 26 Apr 2025 06:19:23 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
age: 18962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/jackpot.svg | 172.67.193.235 | 200 OK | 18 kB |
URL GET HTTP/3www.rewardsgiant-au.com/CampImg/13069/assets/jackpot.svg IP172.67.193.235:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectrewardsgiant-au.com Fingerprint25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 ValiditySun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File typeSVG Scalable Vector Graphics image Hashb5773c51ed0ea13d1bafc512e1131527 d532d5d14e9a35b2665e3ac3129af5525e3b64d0 8d069d411126e80871d06d308372ca8356356426989880a9df75e829934ad82a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/jackpot.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 19:51:59 GMT
etag: W/"ddc57d4247ad51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imlkCiMgxyQvFRw655V4jILfND0cp4qyYy4hd1iFHjvjSzQPtE3Q%2BYUCis24Zxul31NTHiWgk7FJYMPirG2chzJoX9eaNi5QQspItzrhD1WaCkzZN1cl68ZN9HYYcWP3qLDNdQ0XZnmi6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644ee1fda5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:32 GMT
expires: Sat, 26 Apr 2025 05:54:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 20453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/JS/InternalLibrary.js | 172.67.193.235 | 200 OK | 28 kB |
URL GET HTTP/3www.rewardsgiant-au.com/JS/InternalLibrary.js IP172.67.193.235:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectrewardsgiant-au.com Fingerprint25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 ValiditySun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (1089), with CRLF line terminators Hash7fee3ad00afaa1af03483da541e685c6 134b8b2a4f2d2bf98ba9a1f188996e4ba4ee684d a4f4f673fedd1494caf3f31e20423c906e21c47e1cce69462b522f9c47a5f780
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/InternalLibrary.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: application/javascript
last-modified: Tue, 21 Nov 2023 16:30:42 GMT
etag: W/"065cb11981cda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmozuMrb0ays%2FZlucFb4DpOchCUP%2FDNNDneaJsdDBglC7GN7MJDqjstB%2FQiEMfXAgeWkvbCqpb0kpmAeyWj09NbManBhgH%2BFTrKKD5XUgotdjsttj7hVf6dHoJr6bm0RfOhlfN8VQ9US1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edcf275694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/JS/SystemConvert.js | 172.67.193.235 | 200 OK | 12 kB |
URL GET HTTP/3www.rewardsgiant-au.com/JS/SystemConvert.js IP172.67.193.235:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectrewardsgiant-au.com Fingerprint25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 ValiditySun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (451), with CRLF line terminators Hash84d72d671c7bab6336d620764078fa70 0e3ed05972ebd858b81fae034451df370f1df05e 043b4918db852d210f161a61f8d8c1e7071e759409c0221eb7d549ac5eae5859
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/SystemConvert.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: application/javascript
last-modified: Thu, 06 Feb 2020 16:17:17 GMT
etag: W/"802444e68ddd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOTRidh4FXMtABQU1vOMD9DlIgt8XmXn3g1vjmjBTkpy%2BJ9yW6W4o7i65%2BSDRnSv2qW7sd93YgnV8i49o3R0s8BM%2FwB9fE6yjT45oyDUwKWNrj4FUcu1drozhTdTXEB8Hv0UdEuIzXe%2FTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edcf2d5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/JS/ExternalLibrary.js | 172.67.193.235 | 200 OK | 28 kB |
URL GET HTTP/3www.rewardsgiant-au.com/JS/ExternalLibrary.js IP172.67.193.235:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectrewardsgiant-au.com Fingerprint25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 ValiditySun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (1986), with CRLF line terminators Hash475ac286074514224839e211a02c872b f3f3dd0a9641cb18dc4d36dc18a9dc877ed16977 1b35eb7c2b8e5ec994e4310b679cd19e5ccbb264ec2bad3f0722c7124253e9f4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/ExternalLibrary.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: application/javascript
last-modified: Mon, 20 Nov 2023 19:54:05 GMT
etag: W/"80acef50eb1bda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJj9LJZWs4LFE2LO19Bp9wyiZzE%2FGasmn1PNcMEKwtUvfZHDNDpFF2JyrKFkAs0itRNcGIVY6472cir0G%2B%2B79Ze1fBaQUtUzr4fvtN7JF7F3f9FwflO53C8n4nx8pTlVcyNFY5fdkXuWNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edcf245694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/uplevels/lp_deals.svg | 172.67.193.235 | 200 OK | 18 kB |
URL GET HTTP/3www.rewardsgiant-au.com/CampImg/13069/uplevels/lp_deals.svg IP172.67.193.235:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectrewardsgiant-au.com Fingerprint25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 ValiditySun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File typeSVG Scalable Vector Graphics image Hash1a8d08ce37ef69d7416af7434c58ffd7 15773180ef6f5f149a72cd371504281eea8d2455 ae0879e5db669ac9cfeebfcb5228eb1cf7973ea43e27714748449c2ae5d13297
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/uplevels/lp_deals.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 02 Nov 2021 14:51:55 GMT
etag: W/"8037a02df9cfd71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2xRrrFDSEoN6CWWJdXZon%2FsF4AGld%2B6U%2FaLGo7NnTwaBzHLFhDDe5w%2F173ouvDpy7U5zQARWPIrk2HuZaj%2BA9scfsWmjKOhthidmPQcnIul%2Bm1%2FLkDJEvd6a4GEmHzJcC0v3DEdxOmZHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edffa45694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CSS/Site.css | 172.67.193.235 | 200 OK | 7.5 kB |
URL GET HTTP/3www.rewardsgiant-au.com/CSS/Site.css IP172.67.193.235:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectrewardsgiant-au.com Fingerprint25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 ValiditySun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File typeUnicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash4694190cef311a884583c0cfc9bc7dba 68f811b405445d56225bff20c1eeb94d51c2e287 16df2a10820abf9394729fe2243c43678da480499c624b49538fe9c270580603
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CSS/Site.css HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: text/css
last-modified: Mon, 17 Mar 2014 14:17:22 GMT
etag: W/"cd26ec9ceb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4BsX9Tlf4apV0wsQh3%2FXIHs9QUU0zJLn21pHOHRoz7pOAJoj99UC3c%2BrJUc7kFquFyiDPXWoZ6JuuXCaqc7opAxdzns1JWnU7bj76Z8v6UOegJTBDersS%2BAYBNKWDgbUs4s0whn5RhYJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edbf1b5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/1718/SuperDynamic/genericimg/amazon750_lg.png | 172.67.193.235 | 200 OK | 229 kB |
URL GET HTTP/3www.rewardsgiant-au.com/CampImg/1718/SuperDynamic/genericimg/amazon750_lg.png IP172.67.193.235:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectrewardsgiant-au.com Fingerprint25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 ValiditySun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File typePNG image data, 500 x 320, 8-bit/color RGBA, non-interlaced Size229 kB (229034 bytes) Hash8414c2d1505221c57e90842de46091ae 760aa8c43c6bbd49da46daf7cb6f92191998e7fa b72e6560c5f7c55f0a1d4c8c77d390499f1888e8381140854a02e19cd8906b3f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/1718/SuperDynamic/genericimg/amazon750_lg.png HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=&bckm=1
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:26 GMT
content-type: image/png
content-length: 229034
last-modified: Thu, 20 Aug 2020 16:35:13 GMT
etag: "6ee9e0f77d61:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FRkA8wJiyzt%2FTfJF2WULtW49H8Sv2sbFE1GDzkLMe7EqvrnM9HoJrOSh5LfpvLO%2FrC1I0iB%2BvLyA2QnYNPAmhOGXGVPSMzkLfC5TVxu97LB2MDnRHOQM0rLJ1Hr%2BQ6klp8HSMh7Mxf1eeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644f48c3b5694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/1718/Superdynamic/amazon/mob.jpg | 172.67.193.235 | 200 OK | 102 kB |
URL GET HTTP/3www.rewardsgiant-au.com/CampImg/1718/Superdynamic/amazon/mob.jpg IP172.67.193.235:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subjectrewardsgiant-au.com Fingerprint25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 ValiditySun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x656, components 3 Size102 kB (101847 bytes) Hash3fb2652bf1ec119eaf9c555a33319dfa caf3a42a36640c604ebd2a120f5d53c8998ad1c0 c35abde1b641a67565a5abaea783405b7c3397936058306dbdd8838e4299a9aa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/1718/Superdynamic/amazon/mob.jpg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=&bckm=1
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:26 GMT
content-type: image/jpeg
content-length: 101847
last-modified: Mon, 10 Feb 2020 21:02:28 GMT
etag: "b82c316755e0d51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFSSZD%2FY374fevxIAeGXBklFxPyWuMURykENdilD36BDyi73HVdJfTmLUU8usT57jaU4VcRbZeHTvPuVwn9ao8DFJ1QjxZzRRAHt0grGDoJKV19IEmGvWFjVS3yliBGFVm%2Fnpa5F9s9uAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644f48c3e5694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP142.250.74.163:443
Requested byhttps://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7816, version 1.0 Hash25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:11:02 GMT
expires: Sat, 26 Apr 2025 06:11:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 19463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gfstrck.com/?a=244839&c=381589&oc=220795&sr=t&s2=UgfCNiYzxf59QMsLuEkVbJ&ref=gdmtrck.com&vt=1714131281899&h=a01674f2b723f096bb4fb3ee5ebcce80b74398fd&req=https://gdmtrck.com/?a=244839&c=381589&co=303619&mt=18&s2=UgfCNiYzxf59QMsLuEkVbJ&s2=UgfCNiYzxf59QMsLuEkVbJ&co=303619&mt=18&sip=107.178.194.37&sh=7704b4277bc8445a0fb2463b80c12a1daffc7cc1 | 54.171.223.44 | 302 Found | 0 B |
URL User Request GET HTTP/2gfstrck.com/?a=244839&c=381589&oc=220795&sr=t&s2=UgfCNiYzxf59QMsLuEkVbJ&ref=gdmtrck.com&vt=1714131281899&h=a01674f2b723f096bb4fb3ee5ebcce80b74398fd&req=https://gdmtrck.com/?a=244839&c=381589&co=303619&mt=18&s2=UgfCNiYzxf59QMsLuEkVbJ&s2=UgfCNiYzxf59QMsLuEkVbJ&co=303619&mt=18&sip=107.178.194.37&sh=7704b4277bc8445a0fb2463b80c12a1daffc7cc1 IP54.171.223.44:443
CertificateIssuerAmazon Subjectclfstrk.com Fingerprint1F:4E:BF:6D:32:C8:8C:EB:66:0B:35:BF:66:DD:DC:0A:07:F0:2A:28 ValidityFri, 30 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=244839&c=381589&oc=220795&sr=t&s2=UgfCNiYzxf59QMsLuEkVbJ&ref=gdmtrck.com&vt=1714131281899&h=a01674f2b723f096bb4fb3ee5ebcce80b74398fd&req=https://gdmtrck.com/?a=244839&c=381589&co=303619&mt=18&s2=UgfCNiYzxf59QMsLuEkVbJ&s2=UgfCNiYzxf59QMsLuEkVbJ&co=303619&mt=18&sip=107.178.194.37&sh=7704b4277bc8445a0fb2463b80c12a1daffc7cc1 HTTP/1.1
Host: gfstrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 11:35:16 GMT
content-type: text/html;charset=ISO-8859-1
location: https://ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=96731e2090d84f9eb0f26c963d9ca186261bd&s4=
server: nginx
set-cookie: gdm_uid_v1_1_001=A3IoplqQt7udzZzDdMTe0mfuWkbwdngfBC7/Rbch4v6M5k31/7VSZqVzYG1MREPZ; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:16 GMT; Path=/
gdm_click_adv_freq_v2_1_001=7BXaVSr/Po3b86q1qy22Tsu3jR5sdzaX8jmenI37XLc2KcglbUoN+K5mZLdk/C2f; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v1_1_001=7BXaVSr/Po3b86q1qy22Tsu3jR5sdzaX8jmenI37XLc2KcglbUoN+K5mZLdk/C2f; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/
gdm_uid_v2_1_001=A3IoplqQt7udzZzDdMTe0mfuWkbwdngfBC7/Rbch4v6M5k31/7VSZqVzYG1MREPZ; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/; Secure; SameSite=None
gdm_sid_v2_3_001=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; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/; Secure; SameSite=None
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v2_1_001=1xnY663Dwz37zq1ZH8267t5T2nTT2Ptpc9MHdBCDVusfRRbd/mgtgGRl1zSAv64D; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v1_1_001=1xnY663Dwz37zq1ZH8267t5T2nTT2Ptpc9MHdBCDVusfRRbd/mgtgGRl1zSAv64D; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/
gdm_sid_v1_3_001=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; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:35:15 GMT; Path=/
content-language: en-US
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= | 172.67.193.235 | 403 Forbidden | 18 kB |
URL (User Request): GET HTTP/2 www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
IP: 172.67.193.235:443
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: HTML document, ASCII text, with very long lines (17756), with no line terminators
Hash: 191a7c68114979655b1f965974e5ee75 a200f9ff3153e56bbc3e00e049fedf43cf9a6f71 a20b5834778918bcfaecc5cbcad55494c84f598dc5e6d24a4bacfeb35c0f66f9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 26 Apr 2024 11:35:21 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: UXbrW16SeQDlInPg+D7G9RbiBEXJ8586N3WeCJ+42vQ1N9089cuJQ1WuOK1w8RtHR5r1CtSvPeduXSHZFZa8ep7TwgHOda5hAYVgTj3yaYM=$Vo7p9m9EMbtZYnGEd9Vpog==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzrAIv4pGqoXzgHugY6wEMCVjO6iOni1BQL60cvSPqbj44sCuw9z%2FbqmCWuuGSFtx3h1r1QWGxsAEj7uXkIpLlInWGw7HhoL6zHxBmKnxltesAIgeLu5srj4%2F2iYO9smVZW%2FomxlsSsI0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644d84cc25687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CSS/flybox.css | 172.67.193.235 | 200 OK | 1.1 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CSS/flybox.css
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (1083), with no line terminators
Hash: 7d43c91ddf852248621989132752da73 02e6c8524cf8f383c3c7c15e3f24bfacdd939616 a63c72394fc9f91b4f96518822d7d4b08c41f725f544afd0cfdef2c2abf812b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CSS/flybox.css HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: text/css
last-modified: Mon, 17 Mar 2014 14:17:22 GMT
etag: W/"693ceb9ceb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7wAecXQ0OLbNOZLFpR4bcFKvWcwXEnWNvHzRSOriJEH%2Bc6ZltG02mpDN7WajpGdzX2D6EfVxlNJLjJr2jdNs3S1NU9DbYALJ70MyU4gRwAjitdltGLy2X4MCtDFjW2ENh%2F9j4K0HZvWtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edbf1e5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/profile_icon_pk.svg | 172.67.193.235 | 200 OK | 4.4 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/profile_icon_pk.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 0c9643805c81e16e3821e12137fc8c8f b411724ec2d3057c3ea2c4cbbe689f4e1e53dbb6 4dca19841f76a4593ed19307130b570e8414eb92f80445ee5a8c872903c45f77
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/profile_icon_pk.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Feb 2020 19:52:49 GMT
etag: W/"80fe2f2815ecd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2UweW8UmUWiN2fnnpNBWztuWenZ5PL%2FZNatZE%2F%2B2GB3qVyRpORPxK0d8kdcggQleCwhfQaEA16JCeODWaD2K3u47MfV2Ydc%2F3bZ5Ls%2FtE6gTbdRAA%2Fen9JOFs5%2BSDVXaNZDxwc4%2F%2BSA3dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644eddf475694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/generic_gift_card_us-1.svg | 172.67.193.235 | 200 OK | 17 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/generic_gift_card_us-1.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 694c0cc731e69bd5566058059028c731 d8c517df02424f4b762cc417e9e7511818851a04 d43295dd46a5c21bdbaceb8f895cb19eb03d734d3ff9bd9c58b34440b837f5be
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/generic_gift_card_us-1.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 20:12:15 GMT
etag: W/"80b947d9267ad51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kaj7CLq3bMWCAT41wYrMceI1YPF%2FP3G7LbRy6Bjuj3vxqXXLoFu%2F2GeyEjGktPyboFVpfIJEbXtNjpBcHWdBMhzPd%2FiP3eg03QI4eeQ3YfZFL8%2F68IvOWRc6oPM4u7rVXMoAWs6FIodcng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edff925694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:ital,wght@1,200;1,300;1,400;1,500;1,600;1,700&display=swap | 142.250.74.106 | 200 OK | 4.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@1,200;1,300;1,400;1,500;1,600;1,700&display=swap
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (4864), with no line terminators
Hash: 699f8700609423344e6fe24acbf381ad 3113f1ef976eb8506910c5cebd9eed24b3c3c27f 00b8bf39880ec1e481cdedca6521493c8ab03deb2aed4b71ff54383a8fe38612
GET /css2?family=Poppins:ital,wght@1,200;1,300;1,400;1,500;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:35:25 GMT
date: Fri, 26 Apr 2024 11:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/exit.svg | 172.67.193.235 | 200 OK | 302 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/exit.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: d31147c7929a21c3eb9da5e4528c491f e3fecb3198a5542e370e399f589ff421656421b6 6807bbee5e8dd501f3d416a76ec7375b74f4d75d1265d1368632a88fd9374bde
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/exit.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Feb 2020 20:32:53 GMT
etag: W/"a54692c11aecd51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DfKRfmsGpwk2MER7ZEhBc4xG3D6TQg7HqNpR4SS2rIls7NjcTGx1uMkFoETDqWWLYzHsFVmpyuL%2FOvtron3T4PTn8uv8S8oYSn%2BaollxEZOwDsTCnJhZQi6JDKXIs1PBzJPD7HjLiq5KJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644eddf455694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/check-big.svg | 172.67.193.235 | 200 OK | 230 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/check-big.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 13db28d3b82bb68b6b9c6495b8f55310 46b0fe42870fe1eef6dd8fe9c6d08ef699addb7b 568f284dbc8fe26fcd3bc99ee95d4c1d84db392a99cadad5222f979132356b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/check-big.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Jun 2019 15:04:43 GMT
etag: W/"b7e04d52672bd51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSvT5ukf%2BLcGphWKE%2BPZ0gVCRx%2Bse%2F8nlVDq22HkqrkZ3ZMWuFZ5PtTvdIknTH52iP5Wt%2BwnsMmPsiD1HbtVkauO1BfyMWX0POdTWB8oDMOs88wxdAEoJvUrf3wzh24MG4CNTOvuUuFGTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644f05cb65694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.clicken.us/tag/LocalStorageSetNew.html?1=1&vid=2HgPd7K-mQsGq6ZM4xwOEg2 | 104.16.243.248 | 403 Forbidden | 0 B |
URL: GET HTTP/1.1 www.clicken.us/tag/LocalStorageSetNew.html?1=1&vid=2HgPd7K-mQsGq6ZM4xwOEg2
IP: 104.16.243.248:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject clicken.us; Fingerprint 9D:1E:F7:7C:84:54:C1:F6:8C:3C:BE:DF:34:FA:16:AE:EC:6E:03:3D; Validity Sat, 30 Mar 2024 00:10:18 GMT - Fri, 28 Jun 2024 00:10:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag/LocalStorageSetNew.html?1=1&vid=2HgPd7K-mQsGq6ZM4xwOEg2 HTTP/1.1
Host: www.clicken.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 11:35:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: NtIf8Z1TGNpJW56Z+m3uX09ddLZjwX2rT1+tbl5iKx5aiuCNzTopzqdEMlD3X/ld6J6+zCWz6A0z7HUSZEr3WEFgQl7vUNYPY2xNyyjCXyQ=$S0pnFlHup8Pf+gNiabvEZQ==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=3WFDcornKryjZh2YnFWqjLdrCrpVtbcvsnKLz0pCqis-1714131325-1.0.1.1-lISRo9XPVp8q6CLSrX4ssswxHlXj.tjIDK_CaGp8eQoacHy3OZRj2P6y0gyStG.ZZtsXCl5f59Vl7eSTdJlJ3A; path=/; expires=Fri, 26-Apr-24 12:05:25 GMT; domain=.clicken.us; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a644f2fd001c12-OSL
Content-Encoding: gzip
|
|
| www.rewardsgiant-au.com/favicon.ico | 172.67.193.235 | 200 OK | 769 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/favicon.ico
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: PNG image data, 20 x 22, 8-bit colormap, non-interlaced
Hash: 045459995af63ddb3c3ff2eab81448ec 434ba048889059c2c43caa37c58e53bd3468520a c18a4b706bf4fa02b06fdb74e1461c6b222944cc39db2b6b90745b5f1007ad08
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:26 GMT
content-type: image/x-icon
last-modified: Thu, 30 Jun 2016 14:34:04 GMT
etag: W/"993b673dcd2d11:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RF9cy8KZOdppRrihbgqtmi68eTzYW%2FdLdYztuP95CixR2TN8Gi82ZsyxcQQ59B8Bw7QlDx4LWAQekqhRkrHbFTS%2Bm5w2OeEIKdd%2FJCRwU4Z81GD0ucL%2Fu6CphYXn2XTNMyqja7xaeNV6vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644f39a8f5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/subscription.svg | 172.67.193.235 | 200 OK | 3.5 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/subscription.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: e23cbe05f180f76780b0ff757859ec83 336d46c8389dcf57b8fc944ab7afefaa75cd6cea 333a0ec3de08df1491f3603eeeee36b9e6c399530da4676337f2a3dc6ba2c520
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/subscription.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 19:51:59 GMT
etag: W/"7428804247ad51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tW%2FekCFOZyD6xAfXy6Ilhyg0DknQ2nK2lnKMk383Tv6TvPesPw6zDClzknRZkRmps73ZXiqOrtcvFGBkElnz0fVfb%2BpnuNPu8bDKXqcrihkNncLQIS%2BDp3012epslvRWdfiWKefjDhN6pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644ee0fbe5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/JS/jquery-1.8.2.min.js | 172.67.193.235 | 200 OK | 93 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/jquery-1.8.2.min.js
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/PixelEventLogIframe.aspx?FlowID=48601&VID=2HgPd7K-mQsGq6ZM4xwOEg2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/jquery-1.8.2.min.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/PixelEventLogIframe.aspx?FlowID=48601&VID=2HgPd7K-mQsGq6ZM4xwOEg2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:26 GMT
content-type: application/javascript
last-modified: Mon, 17 Mar 2014 14:18:05 GMT
etag: W/"808c61b6eb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 35
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbB%2B4JYmLIJ7GPW8ofwnJDKydz9DG3kWk25%2FTt7kF0ZMDrfTSWY%2BTOTZ9smaRGazXV%2B5ZJs3T22i20SJOWXPUQsRiw3CG077ToFlOkt7w22%2FjGclHG9jHTjMK8heo2TNCUHXHJ3aCvk9mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644f41b545694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2 | 142.250.74.163 | 200 OK | 8.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8668, version 1.0
Hash: a242ba0df3a128a2cab929a8c45d5056 d70e2c70b21cbb66cd883ae56e2dedacefd81c7c 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:36:52 GMT
expires: Fri, 25 Apr 2025 17:36:52 GMT
cache-control: public, max-age=31536000
age: 64713
last-modified: Fri, 22 Mar 2024 00:00:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/JS/jquery.colorbox-min.js | 172.67.193.235 | 200 OK | 32 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/jquery.colorbox-min.js IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 67ecd5ef68ad2bbdc89f673355ec270a 537e4d4873e8608139087d5e7d1e94a0a33e29e0 1e8cdf8b6b76616f6e721a0f53dfab323db16cc7eddfd7136135c5d5382ff126
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/jquery.colorbox-min.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: application/javascript
last-modified: Wed, 29 Oct 2014 18:02:54 GMT
etag: W/"01bcf8fa2f3cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPLkh1D8%2Ffe4Mpknqhrd8GwhEKeh6Sid1EybhC3Tme9iatA68cuYTO9dze4FZgbZ31UWvnTuCmeF%2Fc7jjiPpK4MRTxKmgKlaz60%2FCf2G8RAFS2i4I0CyoMwqgtpRcMqSpnUuN8l6VVqfsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edcf355694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Hash: 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:11:02 GMT
expires: Sat, 26 Apr 2025 06:11:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 19463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= | 172.67.193.235 | 200 OK | 155 kB |
URL: User Request POST HTTP/3 www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= IP: 172.67.193.235:443
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
Size: 155 kB (154819 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=&__cf_chl_tk=mzcW5QJKzIiH1ELcLj2yfsEXWpv20OAzHr7kEIRYzns-1714131321-0.0.1.1-1770
Content-Type: application/x-www-form-urlencoded
Content-Length: 5018
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:24 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; path=/; expires=Sat, 26-Apr-25 11:35:24 GMT; domain=.rewardsgiant-au.com; HttpOnly; Secure; SameSite=None
ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; path=/; HttpOnly; SameSite=Lax
AF3_Cookie=; expires=Sat, 26-Apr-2025 11:35:24 GMT; path=/
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5Petdgo%2BA9%2BPhrTN6jqk5Lbse4peVzEY03dbn3rbEJtB6AMfPExYyysCNI2mtnMPDVWOcwO998GYx5K%2Fj8UjJjd5wI0gIOCPLFh59sUH74%2FVrX65s%2Bt1B%2Fd%2F13XdxyHHu0SSeIUApjAGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644eb2a065694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Roboto:ital,wght@1,300;1,400;1,500;1,700&display=swap | 142.250.74.106 | 200 OK | 9.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@1,300;1,400;1,500;1,700&display=swap IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (9684), with no line terminators
Hash: af97c00cd3fb1e12747336980396dc54 ffbd23f2366bb4868a90e6b9cfe476aa2bc92a36 399b04ccd7c11e4873397ae02476686a9fc9e48e845fc122765894f9d605cfd4
GET /css2?family=Roboto:ital,wght@1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:35:25 GMT
date: Fri, 26 Apr 2024 11:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/credit_cards_icon_pk.svg | 172.67.193.235 | 200 OK | 7.7 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/credit_cards_icon_pk.svg IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: f3e244d340a0168955ac508d184d27cf efa040b849c4f7e900f569594f85aed80e5e12d4 705fb9c28c7c4d2f24720f9624b69f81ce5d2ce0231053026807e5545efc9e0c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/credit_cards_icon_pk.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Feb 2020 19:52:49 GMT
etag: W/"6385442815ecd51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7nvmpq85ML5S4Gjscbk%2BvXW8lImBodFUqtFc2MACgESyPsv%2BvglMHPuE%2BmHrKlrnRUY%2Bh0mSeILl1jTmM0Ohh4TzP%2BPhqAMk1JQnvUfUYD0ySyOPSbvkyrujEB5YsC0nAkfk8TdvEZBKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644edef7e5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/games.svg | 172.67.193.235 | 200 OK | 6.2 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/games.svg IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: f5a387e910a98b3c80e9e4b2eb566e13 a100ef9b0ef4314fc83242105b32afded62d1a02 b8f38daa8df84b02a8cf793ee2322896521cb606c86e2aa8bd875f591bfbec17
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/games.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 19:54:53 GMT
etag: W/"8024336c247ad51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hmg043EZGStU0PPnXfij07AP4YiEitnAxYY7F6ZstMBBgNOc3xcxMmJ8fK0kGWBgR2PvDi%2B1%2BPT6Zj14WOj5QeuSw1wXZj1ID7NLF4GD%2FaF84GSgQfzeOpujQnziTOTLZWxM6x91gZLLJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644ee0fae5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700&display=swap | 142.250.74.106 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700&display=swap IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (8074), with no line terminators
Hash: 5cdb0473771217f8a3b16a58beb22dfd bbf507490769fb15ad8bdb25317163feb38ca051 faa29f76198a5e1929099ef5df22f5493e4b1374828cb71de6f6d86162c75a30
GET /css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:35:25 GMT
date: Fri, 26 Apr 2024 11:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/financial.svg | 172.67.193.235 | 200 OK | 3.1 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/financial.svg IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: d7427c306ed58e22cb332c07d48c1773 3712058d35e2466faab52c602a014701f5d760ca 8540781533ae26038639c4e69b015597c999c7b1e53daba21c0e30ffde314643
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/financial.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 19:51:59 GMT
etag: W/"80d97c4247ad51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaLkItLn5RTM2Q%2BAoI9gZyP7qlSf7hudrZwvAaapuUi5wMoNcm6yUDUmcG7JOyt86a2E6p10BUGK1b1Lm5R5aiJ1Mt1%2BAqGT5TiuezZaxz1Ugsst3UzmUnVwiTTTByC3az4AHBZkztl%2FQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644ee1fd45694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:25:01 GMT
expires: Sat, 26 Apr 2025 06:25:01 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 18624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/Services/BrowserInfo.ashx?FlowID=48601&VID=2HgPd7K-mQsGq6ZM4xwOEg2&windowx=1280&windowy=1024&resolutionx=1280&resolutiony=1024 | 172.67.193.235 | 200 OK | 0 B |
URL: POST HTTP/3 www.rewardsgiant-au.com/Services/BrowserInfo.ashx?FlowID=48601&VID=2HgPd7K-mQsGq6ZM4xwOEg2&windowx=1280&windowy=1024&resolutionx=1280&resolutiony=1024 IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /Services/BrowserInfo.ashx?FlowID=48601&VID=2HgPd7K-mQsGq6ZM4xwOEg2&windowx=1280&windowy=1024&resolutionx=1280&resolutiony=1024 HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2BwuivoEg8FK84bKVrviPwsUq%2Fw9EVmvEkFyxPbgwgo7k3y4yfdVoro0XSvC5RiXwnr5qcc9lSpqah1zGZHeTgNJW3f72OsUYUwBISgmDHLdxmePKRG2SqSyaYbuwMOHUhmTx%2BgDToCgAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644f0edda5694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/uplevels/partial_pop_deals.svg | 172.67.193.235 | 200 OK | 53 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/uplevels/partial_pop_deals.svg IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 1cda3843525c136babf8db1268d3e66a 6d6f873d06921e8f24eac18632aaacf864effe47 a4214c4fc6ce0281bc3d69c211182f26d9a1f5bd7f25f68fd572ae077a064572
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/uplevels/partial_pop_deals.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 02 Nov 2021 14:51:55 GMT
etag: W/"b7291a2ef9cfd71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0IkIygyCsSXYq%2BGkZxxE1uEsnw56IsST33831c0K62lrDjEMQ9FAvhMxjCY5hZKzA23ehYPmELJRHqeqek3OgLwe4XQCP9hP8XhHOnvag3j4i4zTtj0qd%2BjYXOZgM8B67fJEMomKMeLfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644edef815694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/uplevels/bg-darkweb.png | 172.67.193.235 | 200 OK | 88 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/uplevels/bg-darkweb.png IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: PNG image data, 1100 x 602, 8-bit/color RGBA, non-interlaced
Hash: 9e6c3008388010e0bd1fbd6dcbff02d7 ca8d71f947f219d8b55b6131c5aa8b8883f872fa c1a202cc888d8a81baae8a7fb7f317058b5215acf0dd44233c0ee92c8592dd3f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/uplevels/bg-darkweb.png HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/png
content-length: 88277
last-modified: Mon, 01 Nov 2021 16:42:54 GMT
etag: "bd964c843fcfd71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 33
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9u5VHZxF80s%2BLDzaQaWZCsHuU60peY3bov2ruxtzw1O2vKwu3xlg1OKkg5xNzVPpSXIj0BotfIZUtu8rVjYFDtUOiPXMyGG9qkTT2Av3EYZaCVhlYiwWqgzIeQZvZpImbY2OeVTT4rUHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644f0cdab5694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 10:46:32 GMT
expires: Wed, 23 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 262133
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 | 142.250.74.163 | 200 OK | 17 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 17368, version 1.0
Hash: abe083d96b58eb02ada8b7c30d7b09f2 61447d66d13a8c8f4335696777a85c438c46f749 db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:38:21 GMT
expires: Fri, 25 Apr 2025 17:38:21 GMT
cache-control: public, max-age=31536000
age: 64624
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/rewardsgiant/avail-tag.svg | 172.67.193.235 | 200 OK | 3.5 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/rewardsgiant/avail-tag.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: c41af018c3b4199e82bce316a2c0c0ec 14164b81fda152f67878754f2526e96d58937a5c ca3c46bab1e0ade0d53d8d45c493eac912cd7b522f14087b2f0f5ff1b3222dfb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/rewardsgiant/avail-tag.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Oct 2021 22:21:30 GMT
etag: W/"4a6c8aa37c5d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEzGw48WpUfFpYBcY5duUDzDsID7WdoGtBzQrfrEVN8vpC5M6AZCGwBLbEQbGFaRnZJGS%2FPGjPGzp3k2RrqDTxe8A%2B3HHveyyuywTOq1aDcQdifQCAw6JpWpnBdO5pOwdVXMmKHcceJHew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644f05ca95694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/uplevels/uplvl-logoblack.svg | 172.67.193.235 | 200 OK | 16 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/uplevels/uplvl-logoblack.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 664c4cf232bba04e6359f2d385c0a165 4fc8ec8e715cb7c106804d9cc6a35e7044a22956 3ba38e49b7051ac2f737627d1a9a72ec2ddf7b3c8897bb19c0f4d206aa9633a2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/uplevels/uplvl-logoblack.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Mon, 01 Nov 2021 13:28:19 GMT
etag: W/"809b715524cfd71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FsNXXZxdCeZ6fvzMD%2F4siGI%2BRSD3YSJbjwyrRjLupzZbEzPjgAtUC3rofmtQ1vi4CkH9ZTvmdoHJzR2Fp9hqDsuyfPNaJ9PyJjNa9KTxbe3evwRy4YBiukzACrVTkMHjGKQFhjs5RvZR3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644f05cb25694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/Services/GetRewardValue.ashx?c=32&Value=amazon750au | 172.67.193.235 | 200 OK | 556 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/Services/GetRewardValue.ashx?c=32&Value=amazon750au
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (608), with no line terminators
Hash: abd23a79a09911fab62f2d57b62f62a9 bfa88c249a8ea3a9cd6920d5e44d381db12c607f 62d36d1aca92c3fb876e367f337012e3dc24b13979564d6dc8fcfc6cf79acad6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Services/GetRewardValue.ashx?c=32&Value=amazon750au HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:26 GMT
content-type: text/plain; charset=utf-8
cache-control: private
vary: Accept-Encoding
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1qySoTUE%2F71TJSHuJQMJdaV%2FLQPEAyJfn9NA92cpw4ZaJlg16K5rCi16mOxe5wg5hMPq%2BkVyV%2FgiDVuvzciaodBWt%2F1OaN1as62QdsfcciopBoPvW%2Bsx8lafiIko7yTR9tBR8%2B%2Fuun5Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644f2e9b55694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/Services/GetRewardValue.ashx?c=32&Value=amazon750au | 172.67.193.235 | 200 OK | 556 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/Services/GetRewardValue.ashx?c=32&Value=amazon750au
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (608), with no line terminators
Hash: abd23a79a09911fab62f2d57b62f62a9 bfa88c249a8ea3a9cd6920d5e44d381db12c607f 62d36d1aca92c3fb876e367f337012e3dc24b13979564d6dc8fcfc6cf79acad6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Services/GetRewardValue.ashx?c=32&Value=amazon750au HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=&bckm=1
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:26 GMT
content-type: text/plain; charset=utf-8
cache-control: private
vary: Accept-Encoding
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSJ0QpKYcan%2BCMkDCW51ukVAixB7K6PSABn03UzHPkPfvz8YEWTydlennHfYwMdGE%2BcIqtR%2FH%2F4WUHXhV7p5aTkMORySufvG3bAI%2FraNHKheTB5YjMrD7K2%2B3vIR10O2un3fw4a2q6YzPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644f769145694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/PixelEventLogIframe.aspx?FlowID=48601&VID=2HgPd7K-mQsGq6ZM4xwOEg2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc= | 172.67.193.235 | 200 OK | 1.7 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/PixelEventLogIframe.aspx?FlowID=48601&VID=2HgPd7K-mQsGq6ZM4xwOEg2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc=
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JavaScript source, ASCII text, with very long lines (1879), with no line terminators
Hash: d3860bccae5bee35d81c7f78fd9dabc3 36233529ec0cf8e788430ec98eccc1ab075f8359 472625ebee8c3b8a97065f64a94a564ab878492577f6d59214abcf5b9614fad2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /PixelEventLogIframe.aspx?FlowID=48601&VID=2HgPd7K-mQsGq6ZM4xwOEg2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc= HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:26 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlfGSg5fa4QK4T8RjfA%2FoizTF0fdC04ITaanJ7Cm71H7LYZQpJipx0yROndK3mTJ%2BUEAkkre3L9Os0EL6esc2il%2B7dEnQejQLq81albgz%2B4RvyAarY5noZP9Y6t8XEIPgVTwpoWTSvggtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644f298c25694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Hash: b9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:08:29 GMT
expires: Sat, 26 Apr 2025 06:08:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 19616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:25:01 GMT
expires: Sat, 26 Apr 2025 06:25:01 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 18624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CSS/colorbox.css | 172.67.193.235 | 200 OK | 4.2 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CSS/colorbox.css
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (4285), with no line terminators
Hash: 2cc498112d5bdb2f62fee1689699d6a4 1190dcdf02ac186a0b56d485ac4dfb1d5f276e1f b5e40f273c1c3b029ed694698cc2a78984e35c66057316fbd7b50f9b23aa78a6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CSS/colorbox.css HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: text/css
last-modified: Tue, 17 Feb 2015 15:15:05 GMT
etag: W/"80e21182c44ad01:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rzirvDq4WKs1BJ6FTHrYWTyuTBWYgo1RacXOLlIeNc3Mxokf9GueyWP%2BUsvcO502zl5k4wnE1xVIXLYoGMtIlVR%2F%2Bfos8ki76X3NTWbA0kCo10BlHcNpTd86l0u7v55hiKcLAFXiyMBvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edbf1f5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/JS/jquery-1.8.2.min.js | 172.67.193.235 | 200 OK | 93 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/jquery-1.8.2.min.js
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/jquery-1.8.2.min.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: application/javascript
last-modified: Mon, 17 Mar 2014 14:18:05 GMT
etag: W/"808c61b6eb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=We%2FkXCoPsQ3OteUd652Rc%2FRnGHOzIZ59miW9zUXVV1t0N8r%2BPrNV7cNH2JiU96plNDM0dhm5%2BoqCdq1hEMaNE1zyIsMLhcww2GZu2s2LJyM%2FcioqNxlKLWQap7JYS0zogAWHH7cfAye61g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644edbf235694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/phone3.svg | 172.67.193.235 | 200 OK | 18 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/phone3.svg
IP: 172.67.193.235:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 138f730e25f530c672157b3ba419c735 32082e7438d476168acb089e5b11d2e463b716d2 3c280f74301b7eb86c854664cd3e5707e7ac4810f304b98f4481f16b55ccfdb3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/phone3.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=K6s8AbbB83xLzZJhDrIsNJnyRnLQ.5u02EJGyBNnCuE-1714131321-1.0.1.1-Z2ZhxwzKi7Fs7I1FrzfhDnNdxb4bGLH_by0Qf2gFVl_Czk_X2Mq4j8ZMSbZxlYK8UfrkjMS7kPn.LKgI3LQr0g; ASP.NET_SessionId=nyyd5bqwzlc2i4p0yyekomc2; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:35:25 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 20:01:50 GMT
etag: W/"88782065257ad51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zvWCRb7DH5xR0FR573bnbadygKXuwwSJEWhN4bep1yK%2Fck1NrOIcJ9uJERPl2Be3a4%2FpDOwd%2Fq4NEJcVBDZP%2FGJpAFaxc87H9I9AwpNILVkCfcrqyuuN%2Blr5D12DXesTFh%2Fau2%2BXRqgPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644edff905694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2 | 142.250.74.163 | 200 OK | 8.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496932&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8668, version 1.0
Hash: a242ba0df3a128a2cab929a8c45d5056 d70e2c70b21cbb66cd883ae56e2dedacefd81c7c 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:36:52 GMT
expires: Fri, 25 Apr 2025 17:36:52 GMT
cache-control: public, max-age=31536000
age: 64713
last-modified: Fri, 22 Mar 2024 00:00:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|