| ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=97c56abcdc344132bf6834cfef23ea93261bd&s4= | 52.2.48.141 | 302 Found | 407 B |
URL: ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=97c56abcdc344132bf6834cfef23ea93261bd&s4=
Request: GET HTTP/1.1 (User Request)
IP: 52.2.48.141:443
Certificate: Issuer GlobalSign nv-sa; Subject *.ratrck.com; Fingerprint 85:F5:DB:D6:62:0F:0B:1F:0F:BA:83:44:8D:82:C8:DC:4F:4A:41:8C; Validity Sat, 19 Aug 2023 04:44:19 GMT - Thu, 19 Sep 2024 04:44:18 GMT
File type: HTML document, ASCII text, with very long lines (335), with CRLF line terminators
Hash: a7ef79a6c1c549842459801c307de914 d8516c42129deb24777c818a1db611e33932c42a b62951ff4654f3c16ea47667013608ee391c8514ca037068b9319759f472d253
GET /?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=97c56abcdc344132bf6834cfef23ea93261bd&s4= HTTP/1.1
Host: ratrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 407
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Apr 2024 11:34:47 GMT
Location: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=6gITYsb83XCEeiwldSJThrk7c8B6SUxqyd1ii5F3V2z/s1ro4BMn9g==; domain=.ratrck.com; path=/; SameSite=None; secure; HttpOnly
trk=jF8bcnfHZ3oKUAy7UbkdwLk7c8B6SUxqyd1ii5F3V2z/s1ro4BMn9g==; domain=.ratrck.com; expires=Sun, 26-Apr-2026 11:34:48 GMT; path=/; SameSite=None; secure; HttpOnly
c212838=6gITYsb83XAiZyRMvar7+Vk6DwTk12u0V5dxuIlfF9+MbYvq1KAzWZYAycKY8azs; domain=.ratrck.com; expires=Sun, 26-May-2024 11:34:47 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
|
|
| www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= | 104.21.52.12 | 200 OK | 8.1 kB |
URL: www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Request: POST HTTP/3 (User Request)
IP: 104.21.52.12:443
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: HTML document, ASCII text, with very long lines (17756), with no line terminators
Hash: 7cf77b82e5cef679f1bab1fd48c5df28 6b2eb3e3260578aac10421823c58593cf5c381ca 8d72096a106559da6a0e1434c80ef36fd7b5fa54c30364d67c6d2a986927162c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID= HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 26 Apr 2024 11:34:48 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: XsXQ/f9gHRJQBW5PSeXvOlciN7mIPg76Fu507duSvU22mxSE0Sc3KTKynrB3Tp/GAdYrw6AJMNVgQGt7ARHI66vPCQdsgeMJVgqmoSgp1YA=$y9Z/gvmli/uiWHxETShAeA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEHJuES0ArbZWreGROZl%2BeKkVfmaBlZoO1rIrFgmcBDmDAj7b2nGuzHc7xG4FAtcoOAjN6cq%2Br5kos%2FiVUdFJP1FcgKOrhNJFlk2ummyVQ3FLVUDr5tx34q0xRhmi2gS3hH76nE%2BZMZ92g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a64406a9240b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uvg4k/0x4AAAAAAADnOjc0PNeA8qVm/light/normal | 104.17.3.184 | | 26 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uvg4k/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
IP: 104.17.3.184:0
File type: HTML document, ASCII text, with very long lines (41702)
Hash: faaccd994736ac1ec27f87c7d131e000 8bbbcaa6d8387753750f30173e7303cb8d2fedb2 997918e23bdb4e84ae2b5d249489562a05e6ae4085a0fd3927b1ff237d875719
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uvg4k/0x4AAAAAAADnOjc0PNeA8qVm/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:48 GMT
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
vary: accept-encoding
server: cloudflare
cf-ray: 87a6440b1ffd5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a6440b1ffd5689/1714131289265/oHev5tp6Q4tKZYq | 104.17.3.184 | | 61 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a6440b1ffd5689/1714131289265/oHev5tp6Q4tKZYq
IP: 104.17.3.184:0
File type: PNG image data, 10 x 57, 8-bit/color RGB, non-interlaced
Hash: 565b6cd722c5e2369514359b6faabef0 33e8cc51e0c98e1154d4c01eb8d2966118291ea3 1a33d7a79fb2557dec68c407013ebb934eddab88eb17c73f5b3ca367462d2a42
GET /cdn-cgi/challenge-platform/h/b/i/87a6440b1ffd5689/1714131289265/oHev5tp6Q4tKZYq HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uvg4k/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:50 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87a644127c565689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a6440b1ffd5689/1714131289268/b107b6e12d77e4a0673718f86404530c3923173fa88ed0c882ef2f23148ef11e/XzyCcjRmLMYh1Vn | 104.17.3.184 | | 1 B |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a6440b1ffd5689/1714131289268/b107b6e12d77e4a0673718f86404530c3923173fa88ed0c882ef2f23148ef11e/XzyCcjRmLMYh1Vn
IP: 104.17.3.184:0
File type: very short file (no magic)
Hash: ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/87a6440b1ffd5689/1714131289268/b107b6e12d77e4a0673718f86404530c3923173fa88ed0c882ef2f23148ef11e/XzyCcjRmLMYh1Vn HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uvg4k/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Fri, 26 Apr 2024 11:34:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gsQe24S135KBnNxj4ZARTDDkjFz-ojtDIgu8vIxSO8R4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tILEHtuEtd-SgZzcY-GQEUww5Ixc_qI7QyILvLyMUjvEeABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87a644141ea25689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/phone3.svg | 104.21.52.12 | 200 OK | 22 kB |
URL: www.rewardsgiant-au.com/CampImg/13069/assets/phone3.svg
Request: GET HTTP/3
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 138f730e25f530c672157b3ba419c735 32082e7438d476168acb089e5b11d2e463b716d2 3c280f74301b7eb86c854664cd3e5707e7ac4810f304b98f4481f16b55ccfdb3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/phone3.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 20:01:50 GMT
etag: W/"88782065257ad51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mROziXyL%2FSurgefvheNgZ3bGqtQ1J9lStfdrpPZcLuAxoNf1KuGja9tzH6JaZfzEohIWIog71etkLxn8hKemS4mQlTJufsujZLcu%2FBmGZo%2BWdWsDqjP9Il100TskJQ5hVo9VtqjsA%2BJ2Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441d7ccf56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/games.svg | 104.21.52.12 | 200 OK | 9.5 kB |
URL: www.rewardsgiant-au.com/CampImg/13069/assets/games.svg
Request: GET HTTP/3
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 6094af3b16a7ad5f53841ed922f84438 a31c7b85451a0b12861a655358599b35cbe85d87 7ce743cdc890af9c54cd6259350a6f9b2ea55d01e79e4888a32d0915f5b4e86b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/games.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 19:54:53 GMT
etag: W/"8024336c247ad51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XGrbOeMAyqmYpHJUNJR8j2viQPknBXM8OsxYsJ3QFwj45oOC92QMrsxx%2FkmfSf1JVMmrv8%2FbnbUditPWU3SPzwzJeDijgHOM4Otnio6zDK0vJz0kOERYQcOV1yWk2d6%2FzSmOTORbfEPy4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d7cd456cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/subscription.svg | 104.21.52.12 | 200 OK | 8.9 kB |
URL: www.rewardsgiant-au.com/CampImg/13069/assets/subscription.svg
Request: GET HTTP/3
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 273ad9e739440291763922726713e9da 79cff8763cc7f5375ee9472714e78947da1e66b8 a6d805de1692998f86ac8b4dc8ceab65827f4961da10be9a50c69ef663ef134d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/subscription.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 19:51:59 GMT
etag: W/"7428804247ad51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gKYYKX83nX0CXEOhHcxlRDaWJUil%2FxDfdqkNy6CF1QdcrdcqTXPOL77y1bOGYkuxCh8%2BN0PSrIm%2BAb8daL96hvG4UhcFRX2zRQp1C0x6erwnTRVs47Fq9NyX3tVZ2cOFzZNq4gJpV3YjwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441d8cda56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.163 | 200 OK | 7.9 kB |
URL: fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Request: GET HTTP/2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:14:40 GMT
expires: Sat, 26 Apr 2025 06:14:40 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 19212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Request: GET HTTP/2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:32 GMT
expires: Sat, 26 Apr 2025 05:54:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 20420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/JS/jquery-1.8.2.min.js | 104.21.52.12 | 200 OK | 42 kB |
URL: www.rewardsgiant-au.com/JS/jquery-1.8.2.min.js
Request: GET HTTP/3
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/PixelEventLogIframe.aspx?FlowID=48601&VID=lUVnoHbb7nzxUegnl6Od0Q2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc=
Certificate: Issuer Google Trust Services LLC; Subject rewardsgiant-au.com; Fingerprint 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash: cfa9051cc0b05eb519f1e16b2a6645d7 149b5180cb9de3f646fc26802440a6ac6e758d40 f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/jquery-1.8.2.min.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Mar 2014 14:18:05 GMT
etag: W/"808c61b6eb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=88zGPKzYID0hneYtUhmMD9Cdjwh6JLBaGwTnNRjcQKTwQ5oOklGVyWV14JIjBuCvR6ioZ2Ufq4Nczp3z4dmggPeGEZKt6cj1Inp5lJmmy5LdmrnwSFJRyzYCz9ipxaJvYXA32DYcZSBcag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d2c1e56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Request: GET HTTP/2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Hash: b9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:08:29 GMT
expires: Sat, 26 Apr 2025 06:08:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 19583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 8.0 kB |
URL: fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Request: GET HTTP/2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:25:01 GMT
expires: Sat, 26 Apr 2025 06:25:01 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 18591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.7 kB |
URL: fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Request: GET HTTP/2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Hash: a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:19:23 GMT
expires: Sat, 26 Apr 2025 06:19:23 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
age: 18929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 | Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 10:46:32 GMT
expires: Wed, 23 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 262100
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1646207535:1714127227:EoCK4zRW7o9OUr6K0rTWwGjPeNxCQ0vM0WQiUkssE64/87a6440b1ffd5689/38034b809257e19 | 104.17.3.184 | | 12 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1646207535:1714127227:EoCK4zRW7o9OUr6K0rTWwGjPeNxCQ0vM0WQiUkssE64/87a6440b1ffd5689/38034b809257e19
IP: 104.17.3.184:0
File type: ASCII text, with very long lines (3580), with no line terminators
Hash: 896e69ec838ebdf6b4d7bb8b00e54931 76b65c6e8a1cac727c1ab9bb59e27861f904963f 5376cf41a50bcfcf4ff50fe854369f8acd998d53f0fefa413b9e9cdfd7e916aa
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1646207535:1714127227:EoCK4zRW7o9OUr6K0rTWwGjPeNxCQ0vM0WQiUkssE64/87a6440b1ffd5689/38034b809257e19 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/uvg4k/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 38034b809257e19
Content-Length: 27293
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: J0/ZFqveHEw736FxQLqhspH9rwUHCbkr1r8jPN+Pvn2oECfTy9KZjo18wYbIiLqCp/AUOWWhlry0TaFJOsMZ10tZc2yfT0FMPvvDf1r/dH9mdTXNE4ZXbyo9VAK7B5TMmjgOXuDVUtNKPQNoek09mtAwnRCCj0cTl2dGQCk/fZLNYsgGYOihkAjXo5Ncm4q5$3KdLwX6fQlH3a5PNleEdBQ==
cf-chl-out: m/GrniD92Z1vkIgjDdZoN6SgA6NBLTtwkaQ63VYoXggCb1ts0EYiaxJjmhCfgVTH14XmjCKOCF+rNBuyNu0bGoGgCvmYEq9/ibxaNOcq3Cpg+yPGM3V4/KBYI4eppY54$6b9NNm6IrNyza2Rr0S1sNg==
vary: accept-encoding
server: cloudflare
cf-ray: 87a644195e685689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 | 142.250.74.163 | 200 OK | 17 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 | Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 17368, version 1.0
Hash: abe083d96b58eb02ada8b7c30d7b09f2 61447d66d13a8c8f4335696777a85c438c46f749 db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:38:21 GMT
expires: Fri, 25 Apr 2025 17:38:21 GMT
cache-control: public, max-age=31536000
age: 64591
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 | Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7840, version 1.0
Hash: 8d91ec1ca2d8b56640a47117e313a3e9 a9e9bafe64666f4595051a0e895b47a5fa39e67e 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:50:53 GMT
expires: Sat, 26 Apr 2025 05:50:53 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
content-type: font/woff2
age: 20639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| www.clicken.us/tag/LocalStorageSetNew.html?1=1&vid=lUVnoHbb7nzxUegnl6Od0Q2 | 104.16.243.248 | 403 Forbidden | 7.5 kB |
URL: GET HTTP/1.1 www.clicken.us/tag/LocalStorageSetNew.html?1=1&vid=lUVnoHbb7nzxUegnl6Od0Q2
IP: 104.16.243.248:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: clicken.us | Fingerprint: 9D:1E:F7:7C:84:54:C1:F6:8C:3C:BE:DF:34:FA:16:AE:EC:6E:03:3D | Validity: Sat, 30 Mar 2024 00:10:18 GMT - Fri, 28 Jun 2024 00:10:17 GMT
File type: HTML document, ASCII text, with very long lines (16621), with no line terminators
Hash: 89b4f7dbd7f2dbc270e24f25a044aa16 e27c41046cb8cd6c79f1e95c60876d8b25ccc332 9fa0189e968c95cebc71525c1f6a5423219e69ae291eff805a42e504c8a2983d
GET /tag/LocalStorageSetNew.html?1=1&vid=lUVnoHbb7nzxUegnl6Od0Q2 HTTP/1.1
Host: www.clicken.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 26 Apr 2024 11:34:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: m0aG/D9mvibGQOS3FcTub9rLXuoi6mcelZb1NzAn7dLuwvNMENwQmEWXWfKCVgCX7ve1kC62osc4fy9lGtYkwAKSM51pvpoCekoa/fshXdE=$NUdyVYAO1vcdnxkD4wdY6Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=nuAPhYt2qBfpiJX7bASj14gHV5OJOd9zN7vcJbWzTZI-1714131292-1.0.1.1-gKBzD__qYOlVkwOEP5kYTds2AyNxgrz0VHEXfNnvfN78ms0GpwSX2VxoGnSatP2Q.rQHQvifXq5LOoUCtarxpg; path=/; expires=Fri, 26-Apr-24 12:04:52 GMT; domain=.clicken.us; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a64421df697127-OSL
Content-Encoding: gzip
| www.rewardsgiant-au.com/Services/BrowserInfo.ashx?FlowID=48601&VID=lUVnoHbb7nzxUegnl6Od0Q2&windowx=1280&windowy=1024&resolutionx=1280&resolutiony=1024 | 104.21.52.12 | 200 OK | 0 B |
URL: POST HTTP/3 www.rewardsgiant-au.com/Services/BrowserInfo.ashx?FlowID=48601&VID=lUVnoHbb7nzxUegnl6Od0Q2&windowx=1280&windowy=1024&resolutionx=1280&resolutiony=1024
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: rewardsgiant-au.com | Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 | Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /Services/BrowserInfo.ashx?FlowID=48601&VID=lUVnoHbb7nzxUegnl6Od0Q2&windowx=1280&windowy=1024&resolutionx=1280&resolutiony=1024 HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6an%2FPaJNE373%2FyCB93mHjLZnyybSx8drsaY16cXWgfXRzNbrvW1XAI7abGTTWniGtt9eCIwsaepzdJAfJI8j5GGgtC5BXMFwsXokJffjTwGKn%2BMlJhZ9RCRWEP1iy748h7Xfm8NcluN6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644210a1b56cb-OSL
alt-svc: h3=":443"; ma=86400
| www.rewardsgiant-au.com/CampImg/13069/uplevels/bg-darkweb.png | 104.21.52.12 | 200 OK | 88 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/uplevels/bg-darkweb.png
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: rewardsgiant-au.com | Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 | Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: PNG image data, 1100 x 602, 8-bit/color RGBA, non-interlaced
Hash: 9e6c3008388010e0bd1fbd6dcbff02d7 ca8d71f947f219d8b55b6131c5aa8b8883f872fa c1a202cc888d8a81baae8a7fb7f317058b5215acf0dd44233c0ee92c8592dd3f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /CampImg/13069/uplevels/bg-darkweb.png HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/png
content-length: 88277
last-modified: Mon, 01 Nov 2021 16:42:54 GMT
etag: "bd964c843fcfd71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWgcaJYIOnqf15bVcJWz3MTmMjzdA9Jw%2BoP1x0bXRGUOMkUsuplrm7gRB4TrN9lBbmAhVvZtzPOKLzNFjGgbL5Ske4%2BCXv2odCH0bdT1%2F1meECe5YIYtlG%2Fj1aot0zjpUNrUc2hldRWIUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a64420e9f356cb-OSL
alt-svc: h3=":443"; ma=86400
| www.rewardsgiant-au.com/CampImg/13069/assets/generic_gift_card_us-1.svg | 104.21.52.12 | 200 OK | 214 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/generic_gift_card_us-1.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: rewardsgiant-au.com | Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 | Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Size: 214 kB (213507 bytes)
Hash: 694c0cc731e69bd5566058059028c731 d8c517df02424f4b762cc417e9e7511818851a04 d43295dd46a5c21bdbaceb8f895cb19eb03d734d3ff9bd9c58b34440b837f5be
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /CampImg/13069/assets/generic_gift_card_us-1.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 20:12:15 GMT
etag: W/"80b947d9267ad51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3mUgIKtdz4rIWW15yQlrjfbCgvGWR8LyX99OkZLpZJycyrZIa1loM2WPc45znyJeWeX6D8buFa5InlET12m1ttAIi4PoKn0azmqD%2BfL%2BWDrDGnajKO00g6vpf8hohA%2FBfmjL1gV3yS4UvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d7cd256cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www.rewardsgiant-au.com/JS/InternalLibrary.js | 104.21.52.12 | 200 OK | 122 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/InternalLibrary.js
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: rewardsgiant-au.com | Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 | Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (1089), with CRLF line terminators
Size: 122 kB (121770 bytes)
Hash: 7fee3ad00afaa1af03483da541e685c6 134b8b2a4f2d2bf98ba9a1f188996e4ba4ee684d a4f4f673fedd1494caf3f31e20423c906e21c47e1cce69462b522f9c47a5f780
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /JS/InternalLibrary.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: application/javascript
last-modified: Tue, 21 Nov 2023 16:30:42 GMT
etag: W/"065cb11981cda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2FjbVu3E29DTMxQlIW0mnmUoA%2BHeUOCQ13c1o3sVqx5E3bT70fsgXePcnR3ZI%2FI7%2Bkqm%2BeTptfpXyo866SKMAXaLfSXivldABl5NXkvhMb7YkdduuyxuwBsHSj5SDM6mLF8wfmP42DAKYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d2c2156cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www.rewardsgiant-au.com/CampImg/1718/SuperDynamic/genericimg/amazon750_lg.png | 104.21.52.12 | 200 OK | 229 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/1718/SuperDynamic/genericimg/amazon750_lg.png
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: rewardsgiant-au.com | Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 | Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: PNG image data, 500 x 320, 8-bit/color RGBA, non-interlaced
Size: 229 kB (229034 bytes)
Hash: 8414c2d1505221c57e90842de46091ae 760aa8c43c6bbd49da46daf7cb6f92191998e7fa b72e6560c5f7c55f0a1d4c8c77d390499f1888e8381140854a02e19cd8906b3f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /CampImg/1718/SuperDynamic/genericimg/amazon750_lg.png HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=&bckm=1
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:53 GMT
content-type: image/png
content-length: 229034
last-modified: Thu, 20 Aug 2020 16:35:13 GMT
etag: "6ee9e0f77d61:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8n2oB5aLyhpalwbmnr7FH8Zc0xSBU4MOpn7SEdxyTeVipnGF8yOmQ6mAmvtP%2BhfDonPwe5Fva3cKkGWeg54oKDut6Zze9TpKbcntEefuVIFY9OAHokJDgEvMaL1y44QbgHDy8VtcL7dXfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644233d8356cb-OSL
alt-svc: h3=":443"; ma=86400
| fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700&display=swap | 142.250.74.106 | 200 OK | 4.9 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700&display=swap
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 | Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression
Hash: d65853ca7e54781f285a037e91ff95f3 46267f5f79958f61f7da392220458350d7c9fb22 e3547db7387a29fd6cbb52e81d91bafbad9b9d4bf626d4891ff511270b2b6d38
GET /css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:34:51 GMT
date: Fri, 26 Apr 2024 11:34:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| www.rewardsgiant-au.com/CampImg/13069/assets/financial.svg | 104.21.52.12 | 200 OK | 14 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/financial.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: rewardsgiant-au.com | Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 | Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: d207ad9383165abe0094ed0f79160e3c 423b6d35d5be99919b37dd90ceae0b452dab9a2f ad84229bf3c7ebe9e3e8e03809ac09dfb3ea98a66f134e0601dc127ec7e59580
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /CampImg/13069/assets/financial.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 19:51:59 GMT
etag: W/"80d97c4247ad51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a27mc2Lt7EwHxpxGwnuFpbtWACkYzu52f8z5ccta%2BbeDVpABn9yjWmg7flolHPsxZJ493aQgizKpCp%2F2rF5mHI7KsggIQtdSIhC2UrFhFkAC0mxBE3J%2BDGXsXr25G7Ztysv2MyEqM28Qsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d8cdc56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www.rewardsgiant-au.com/CampImg/13069/uplevels/uplvl-logoblack.svg | 104.21.52.12 | 200 OK | 16 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/uplevels/uplvl-logoblack.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC | Subject: rewardsgiant-au.com | Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27 | Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 664c4cf232bba04e6359f2d385c0a165 4fc8ec8e715cb7c106804d9cc6a35e7044a22956 3ba38e49b7051ac2f737627d1a9a72ec2ddf7b3c8897bb19c0f4d206aa9633a2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /CampImg/13069/uplevels/uplvl-logoblack.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/svg+xml
last-modified: Mon, 01 Nov 2021 13:28:19 GMT
etag: W/"809b715524cfd71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZSGyT44AZMAELm%2B0YqiXfyJo17%2BSVJX4Gs8exTjtfccTLb33PJE9aQRWMspgfXV%2B1a9GU6ltq9l7WkKqJs%2BZwb9rdnVY%2BiEI3HDNVkGRpmqJ5SVEX%2F9MgMAaalZt10krH6wfc9VAXFpPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441fd82256cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gfstrck.com/?a=244839&c=381589&oc=220795&sr=t&s2=UgfCNiYzxf59QMsLuEkVbJ&vt=1714131245743&h=27cc87449d7a76c62417ee3dac0de9e2774f8526&req=https://gdmtrck.com/?a=244839&c=381589&co=303619&mt=18&s2=UgfCNiYzxf59QMsLuEkVbJ&s2=UgfCNiYzxf59QMsLuEkVbJ&co=303619&mt=18&sip=94.177.53.38&sh=e54673789e7f987c6db1524094ca66a63cda117b | 99.80.182.52 | 302 Found | 18 kB |
URL: User Request GET HTTP/2 gfstrck.com/?a=244839&c=381589&oc=220795&sr=t&s2=UgfCNiYzxf59QMsLuEkVbJ&vt=1714131245743&h=27cc87449d7a76c62417ee3dac0de9e2774f8526&req=https://gdmtrck.com/?a=244839&c=381589&co=303619&mt=18&s2=UgfCNiYzxf59QMsLuEkVbJ&s2=UgfCNiYzxf59QMsLuEkVbJ&co=303619&mt=18&sip=94.177.53.38&sh=e54673789e7f987c6db1524094ca66a63cda117b
IP: 99.80.182.52:443
Certificate Issuer: Amazon
Certificate Subject: clfstrk.com
Certificate Fingerprint: 1F:4E:BF:6D:32:C8:8C:EB:66:0B:35:BF:66:DD:DC:0A:07:F0:2A:28
Certificate Validity: Fri, 30 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=244839&c=381589&oc=220795&sr=t&s2=UgfCNiYzxf59QMsLuEkVbJ&vt=1714131245743&h=27cc87449d7a76c62417ee3dac0de9e2774f8526&req=https://gdmtrck.com/?a=244839&c=381589&co=303619&mt=18&s2=UgfCNiYzxf59QMsLuEkVbJ&s2=UgfCNiYzxf59QMsLuEkVbJ&co=303619&mt=18&sip=94.177.53.38&sh=e54673789e7f987c6db1524094ca66a63cda117b HTTP/1.1
Host: gfstrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 11:34:47 GMT
content-type: text/html;charset=ISO-8859-1
location: https://ratrck.com/?oex3=h5yeQbcJcXpNenBvUOeqJInSOAEY5%2fLDvQJDRoz7h5U%3d&s1=244839&s2=97c56abcdc344132bf6834cfef23ea93261bd&s4=
server: nginx
set-cookie: gdm_sid_v1_3_001=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; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v1_1_001=1xnY663Dwz37zq1ZH8267rB617yNdomKJGmTqu6jmxA9s/M7RHVf/FXhksKKD8AK; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/
gdm_click_freq_v2_1_001=1xnY663Dwz37zq1ZH8267rB617yNdomKJGmTqu6jmxA9s/M7RHVf/FXhksKKD8AK; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v2_1_001=7BXaVSr/Po3b86q1qy22TugV+ggkQOojEjNcK12/EP7EqWZZk1QLGK2fd6DpXYNt; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v1_1_001=7BXaVSr/Po3b86q1qy22TugV+ggkQOojEjNcK12/EP7EqWZZk1QLGK2fd6DpXYNt; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/
gdm_sid_v2_3_001=+M/lGlZCF2GSgw9L/UA2IohcVu/GA4K5+fMp48kajWn6SzUB3Xld0q7I5RPiCcuZ7EBnBKMWFFJHOQXdbJPJUjvFmXzNxDgEZ6pvKbeqxaLJfnRLAhVgTtZYQSQzm2tgROm5CU8D+lu77wZwiSmdDb0uwvEe0eELMPUSO/xl8qIPg3mg7h45dkp0uC6OL/iHov8wvt8HLsXvSsi220FWUGuKsBaB+vXcySEsk3puxJdXH/O7RGoGB05csAq8lP0BUQq6IO528G4gFEUpfu+fKhZc4Xw4dREa9egyWZskon3MRVY3V5CY+YjJRxptMlMPKmxsLBqLAELg064rXQ0Ohieq+a4g6SRcM2L8/07ZShfJkvoRfmNg7wSd/rXyde/Bu0bw0to1dqGbYFOlgI0FEsWTLx9d5GD6X5nVtQnRsF+gr6GSPaoJIZSj7daqUg1aUihrONpmw0OkZd8Mwr7tutl8ljpUaE/H8M7eL/LEY3biv7bHr3u+EDvwBzq3CBKyo50NOmUrnu9okxTSoyD29mQIqcOADwMDRU60liuOwq1jl8sx31UtDSXbekJS6sDgFJBS97jrevjc+4vAtEbJCygk4nwM+2RvwpU+hjhY42mEl/OTGwCAx1+PGNF5zRn/lg+jIx/B4SQh8c3nVpAj8sehQxzzaojc2dZr9ps9Z8rCwgVDXR1FMTXS1GpzNpPvhecbDLYLp16Ay6iYZcV2GmjmKlclwilfle9l1EH0JhAFLy//TVpg+1+aFOdiDyVWJSNAVJ19ctetKJBQ6W+tuNB6M90qOmTxU25/4CNS6c38tmg4fNGPouSFWtJ4QvjiwuRdG5B/BTJQpyO/5Hpi9V0D1bzxsyBEBfdDGcPwalQGb+htIlYzIDVhkIhy/v5BVWlLgVp4e0QzZ7YVlhlWTksIyd5MlGMr6wzrXuRReZ6dxGwUPwF3uDQz+Cutax0vqKBo9jbNZTovnu/WG+kEHj7WdxOwQYTxllcYUQSGAcG6rIiFPDanKWl7zbQaw9RjXNyHeWM2rSjuVvdBae5oLA==; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=AgFUmRjWUJwxPpkFtJN1ZDJbVLvqTDwa2hxfMrTwWShANBUsdnlmuKIn+Y3xegeH; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/
gdm_uid_v2_1_001=AgFUmRjWUJwxPpkFtJN1ZDJbVLvqTDwa2hxfMrTwWShANBUsdnlmuKIn+Y3xegeH; Domain=.gfstrck.com; Expires=Thu, 25-Jul-2024 11:34:47 GMT; Path=/; Secure; SameSite=None
content-language: en-US
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:ital,wght@1,300;1,400;1,500;1,700&display=swap | 142.250.74.106 | 200 OK | 9.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@1,300;1,400;1,500;1,700&display=swap
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
Certificate Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (9684), with no line terminators
Hash: af97c00cd3fb1e12747336980396dc54 ffbd23f2366bb4868a90e6b9cfe476aa2bc92a36 399b04ccd7c11e4873397ae02476686a9fc9e48e845fc122765894f9d605cfd4
GET /css2?family=Roboto:ital,wght@1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:34:51 GMT
date: Fri, 26 Apr 2024 11:34:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900&display=swap | 142.250.74.106 | 200 OK | 5.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900&display=swap
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
Certificate Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (5641), with no line terminators
Hash: 35b66465b230fcf9cde32761a6187553 23aeb1a7e72b51f65b0ffa6f16c2c43bc1b97e99 61a937f2c296ef8887d128d83dd76b7efb5e17f60e375fdeea4731a290b67d07
GET /css?family=Poppins:300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:34:51 GMT
date: Fri, 26 Apr 2024 11:34:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Certificate Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Hash: 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:11:02 GMT
expires: Sat, 26 Apr 2025 06:11:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 19430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Muli:300,400,600,700,800,900 | 142.250.74.106 | 200 OK | 6.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Muli:300,400,600,700,800,900
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
Certificate Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (6612), with no line terminators
Hash: 30591f36d0d9486596e926f78527db25 74bdbfcefd6f5826013df4c8c251f43290059fbb 42ef315179512f16ac8d0d36656f53fc6922af6f68120b1c69f15dd9573a9627
GET /css?family=Muli:300,400,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:34:51 GMT
date: Fri, 26 Apr 2024 11:34:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.cdn925.com/CampImg/13069/uplevels/uplevelslogo.svg | 104.16.246.135 | 403 Forbidden | 0 B |
URL: GET HTTP/2 www.cdn925.com/CampImg/13069/uplevels/uplevelslogo.svg
IP: 104.16.246.135:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn925.com
Certificate Fingerprint: F9:CD:4C:2E:5E:7B:1C:63:CD:25:48:7B:49:80:65:DA:9E:52:6B:48
Certificate Validity: Tue, 02 Apr 2024 00:46:24 GMT - Mon, 01 Jul 2024 00:46:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /CampImg/13069/uplevels/uplevelslogo.svg HTTP/1.1
Host: www.cdn925.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Cookie: __cf_bm=OrohaSEhZ2DhYIuakr1gPYQ.gFUzOBs27K5nPSVIWPA-1714131291-1.0.1.1-TVOGk5VkCAmPBfzCuriNskUjy1eczFOQUCkuv1sD7LGc2XXgTuwhoKOgK6Tw3vQvgubFyWAQoT2YEMI0cr5Jtw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: L7e5GL0qUOfJ4oeFLeIkeO/8nEhL+woV9j/YEbhzX5bbgkVhobk8YtjlQxVAhr1YcFjHWXuktY1c3iD0Q79uSl2/erHv3vf9klskAZ38zuM=$OoBMs3WXiDZaeOkfjuQyww==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441fdfab56c1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/image3.png | 104.21.52.12 | 200 OK | 206 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/image3.png
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rewardsgiant-au.com
Certificate Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Certificate Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: PNG image data, 750 x 656, 8-bit colormap, non-interlaced
Size: 206 kB (206233 bytes)
Hash: 3147b4bd6ee65307574f07a038c64466 b67f67da18f0ee88bc0132d0f342321f395c0051 0ae08f10cd825085962b6efc1da7b7b4485bf08f109ea12505b70d62ca87539e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/image3.png HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/png
content-length: 206233
last-modified: Mon, 01 Jul 2019 20:11:23 GMT
etag: "7e7a7f274930d51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLNps6lN%2Fp8RJ9lb65LIKHFzVSplWINaXrP9MsriZ16FtJIYBxkG1eBjPkIXtENlxJAN9KStXy5xxQD9S4kHzlcXBq8TYf5NdVKrpxqoOXYEFyDQTlLtXSylIRYjueb%2Bz1WCgquEzJwwrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441fd81b56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/Services/GetRewardValue.ashx?c=32&Value=amazon750au | 104.21.52.12 | 200 OK | 556 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/Services/GetRewardValue.ashx?c=32&Value=amazon750au
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rewardsgiant-au.com
Certificate Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Certificate Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (608), with no line terminators
Hash: abd23a79a09911fab62f2d57b62f62a9 bfa88c249a8ea3a9cd6920d5e44d381db12c607f 62d36d1aca92c3fb876e367f337012e3dc24b13979564d6dc8fcfc6cf79acad6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Services/GetRewardValue.ashx?c=32&Value=amazon750au HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=&bckm=1
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:53 GMT
content-type: text/plain; charset=utf-8
cache-control: private
vary: Accept-Encoding
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mpi01ijSvK50rwU3bxT5YONLi0bfAQQTIfIwCpIz1TYQSmZSfZcEsq%2FIcTVEiSDJx%2BGAU%2BAT7PzKWKs3w6UGaYsc7HVw8wx3sdZYSwT4VREzG09IzhAc%2F2OM%2F%2Flqziyq5K%2FRVGKYksN1sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644281d7956cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CSS/colorbox.css | 104.21.52.12 | 200 OK | 4.2 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CSS/colorbox.css
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rewardsgiant-au.com
Certificate Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Certificate Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (4285), with no line terminators
Hash: 2cc498112d5bdb2f62fee1689699d6a4 1190dcdf02ac186a0b56d485ac4dfb1d5f276e1f b5e40f273c1c3b029ed694698cc2a78984e35c66057316fbd7b50f9b23aa78a6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CSS/colorbox.css HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: text/css
last-modified: Tue, 17 Feb 2015 15:15:05 GMT
etag: W/"80e21182c44ad01:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uz5cUzusl9KwZDa%2BKZ61lm%2FR1LxUfApE%2B%2FSdHSsjf2JsDj2WhTJ0M14oy8VZynzWHPVih696iXr%2FL4xZEmX05leqNkxu%2FKzYs564M%2B72NmRkH45t1Rwuj8eYgAUv4PXmxB6xYBn2tJRL%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d1c1a56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/JS/jquery.colorbox-min.js | 104.21.52.12 | 200 OK | 32 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/jquery.colorbox-min.js
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rewardsgiant-au.com
Certificate Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Certificate Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 67ecd5ef68ad2bbdc89f673355ec270a 537e4d4873e8608139087d5e7d1e94a0a33e29e0 1e8cdf8b6b76616f6e721a0f53dfab323db16cc7eddfd7136135c5d5382ff126
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/jquery.colorbox-min.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: application/javascript
last-modified: Wed, 29 Oct 2014 18:02:54 GMT
etag: W/"01bcf8fa2f3cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpwVZYBwivsABcmQ03qaPJ8iSwx32gSZMmtzvNdjX4usBMUACZBQFmbp0GS%2FpQ9umX5XTdgGPlqKbiEt5mih%2F25m4b2GYm7Db%2FCKpNCcSDRsO5Ml886RNs1%2FbPZOP5sUbRj3TiWmtpsCfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d2c2956cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/rewardsgiant/avail-tag.svg | 104.21.52.12 | 200 OK | 3.5 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/rewardsgiant/avail-tag.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rewardsgiant-au.com
Certificate Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Certificate Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: c41af018c3b4199e82bce316a2c0c0ec 14164b81fda152f67878754f2526e96d58937a5c ca3c46bab1e0ade0d53d8d45c493eac912cd7b522f14087b2f0f5ff1b3222dfb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/rewardsgiant/avail-tag.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Oct 2021 22:21:30 GMT
etag: W/"4a6c8aa37c5d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uH3eKMVwACGd8zbjMp1APA7sIQPzMr61jkLV%2B5tKy4VMnA9F6PSCBFAel8GCJMoUQuTvHwyHAYqRc%2FGvyW4jU0huB7W2iItmu98M1U2iAyQKODyNzGuEhrWATcIdrTAFM3FnrSxI%2Fg3WFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441fd81f56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/favicon.ico | 104.21.52.12 | 200 OK | 769 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/favicon.ico
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rewardsgiant-au.com
Certificate Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Certificate Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: PNG image data, 20 x 22, 8-bit colormap, non-interlaced
Hash: 045459995af63ddb3c3ff2eab81448ec 434ba048889059c2c43caa37c58e53bd3468520a c18a4b706bf4fa02b06fdb74e1461c6b222944cc39db2b6b90745b5f1007ad08
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:53 GMT
content-type: image/x-icon
last-modified: Thu, 30 Jun 2016 14:34:04 GMT
etag: W/"993b673dcd2d11:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oI1aeXExBW5wOLIR3YrLAdvi0Ld0gymr%2B%2F21ELvJ%2BZ9WLrfsr7rPGESKJuOZ5a0j3%2B69aN2NOoxV6s7Ri6vU94zpcouFOGHdJXujj3lKjwYqwzm%2Fl%2BDclCVTOkKR14XvJt6ZgmJzHBRuqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a64425fa7356cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CSS/Site.css | 104.21.52.12 | 200 OK | 684 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/CSS/Site.css
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rewardsgiant-au.com
Certificate Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Certificate Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (707), with no line terminators
Hash: f4f5d7cc94d151e0b0eb50e0c8a2515b 12f3eb1128f53c32a97372e6baf4b82bd573b15a 2505330874bf9340aa76b91606096f57068dc109ac8501c9bb2c678b3b3074df
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CSS/Site.css HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: text/css
last-modified: Mon, 17 Mar 2014 14:17:22 GMT
etag: W/"cd26ec9ceb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajF6U8vKKaHEVJ3kfSo3UOnVHonQveTS4p8BjwB2lI7ILzTBn70ktratPWlIaeR47poqOzRCM3qAvTk1m5CsSYOWJgwqWvOmfsAMzHHgQiHRxbOlvSElLv0kelkDHbv2DWcgaBJ9lVCnig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d1c1356cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/profile_icon_pk.svg | 104.21.52.12 | 200 OK | 4.4 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/profile_icon_pk.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 0c9643805c81e16e3821e12137fc8c8f b411724ec2d3057c3ea2c4cbbe689f4e1e53dbb6 4dca19841f76a4593ed19307130b570e8414eb92f80445ee5a8c872903c45f77
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/profile_icon_pk.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Feb 2020 19:52:49 GMT
etag: W/"80fe2f2815ecd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOKZD5ThQH9sm52%2FGb1w0lyOfd8Y%2BMlVVjXNZLzr3gUWVZuh8tACbCT1YafiMbOkAyJM8Zj8faj6Xwe%2F54WlNQcccP6o5cqTsu4aa81IA25uIz8gmB2T0I9f1P%2FdNeHBSF5AfJobc%2Fgyng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d6cb556cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/uplevels/partial_pop_deals.svg | 104.21.52.12 | 200 OK | 53 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/uplevels/partial_pop_deals.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 1cda3843525c136babf8db1268d3e66a 6d6f873d06921e8f24eac18632aaacf864effe47 a4214c4fc6ce0281bc3d69c211182f26d9a1f5bd7f25f68fd572ae077a064572
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/uplevels/partial_pop_deals.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/svg+xml
last-modified: Tue, 02 Nov 2021 14:51:55 GMT
etag: W/"b7291a2ef9cfd71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rOWitTNuKOP0XiQbIjUj%2FWmnBM2mC2BQy0RNA8MjDGD5cFxh%2BqXxfSLY6RTIdqEN95zrZ5U3sWg3vLxBYhtZU4EiJXZqZYQGJY5ewHaIoOy7KjOjvVRuYvEVYspuPisBV2fvZV65%2F34Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441d6cc756cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2 | 142.250.74.163 | 200 OK | 8.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8668, version 1.0
Hash: a242ba0df3a128a2cab929a8c45d5056 d70e2c70b21cbb66cd883ae56e2dedacefd81c7c 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:36:52 GMT
expires: Fri, 25 Apr 2025 17:36:52 GMT
cache-control: public, max-age=31536000
age: 64680
last-modified: Fri, 22 Mar 2024 00:00:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.cdn925.com/CampImg/13069/uplevels/uplevelslogo.svg | 104.16.246.135 | 403 Forbidden | 0 B |
URL: GET HTTP/2 www.cdn925.com/CampImg/13069/uplevels/uplevelslogo.svg
IP: 104.16.246.135:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Let's Encrypt; Subject: cdn925.com; Fingerprint: F9:CD:4C:2E:5E:7B:1C:63:CD:25:48:7B:49:80:65:DA:9E:52:6B:48; Validity: Tue, 02 Apr 2024 00:46:24 GMT - Mon, 01 Jul 2024 00:46:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /CampImg/13069/uplevels/uplevelslogo.svg HTTP/1.1
Host: www.cdn925.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: OC65nIg1e8M6cJTS7TwXh4GHqarcTBpXKvuryWkHSqk91FOwPenlz4ZI7z0yz21682Jwehhkn58FiDF1QTFl6JPNZU3ENmTh9Mwrcqv7RAg=$alTVSPnBkeOa/tRyX253Tg==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=OrohaSEhZ2DhYIuakr1gPYQ.gFUzOBs27K5nPSVIWPA-1714131291-1.0.1.1-TVOGk5VkCAmPBfzCuriNskUjy1eczFOQUCkuv1sD7LGc2XXgTuwhoKOgK6Tw3vQvgubFyWAQoT2YEMI0cr5Jtw; path=/; expires=Fri, 26-Apr-24 12:04:51 GMT; domain=.cdn925.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441d8c6a56c1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/jackpot.svg | 104.21.52.12 | 200 OK | 9.1 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/jackpot.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 0b486078611f7465d5d0672cf8dc7830 309e8ab542198f95be491360e7728a1d2ab3fd72 012f2766a6ea73b38b5755e1264ac512d5bc0080c1795d7c196d2cf73b89601f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/jackpot.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2019 19:51:59 GMT
etag: W/"ddc57d4247ad51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hb5E7goEg2QW1yULERE182n4uftyDGaxvFrJotpEpekPa4a%2FJz%2BPKSDMeGrfkRHPg3CVDrQ6IQUKozdzFOuTOVYqKNpHjf4GommkQpq2qF%2FIWnIkPrh2xtjWEMG%2FugdZvZL3V2BMQxWuWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441d8cdd56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP: 142.250.74.163:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Hash: 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rewardsgiant-au.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:11:02 GMT
expires: Sat, 26 Apr 2025 06:11:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 19430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/JS/SystemConvert.js | 104.21.52.12 | 200 OK | 28 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/SystemConvert.js
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/SystemConvert.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: application/javascript
last-modified: Thu, 06 Feb 2020 16:17:17 GMT
etag: W/"802444e68ddd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DOrEntpxzNkaT7v8VE7%2FBdunQkBW95g2Xrxweb700r8UiaCtQAXdSJqOb02p5MPKybZd9HIEgPz7gkzt%2BcpaeHg7PxC39bvdlMEntZaGVKopTzhgccKAMeqH5w2rAZmo7rXK8Qnh8GJEaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d2c2356cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/JS/jquery.autotab.js | 104.21.52.12 | 200 OK | 8.8 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/jquery.autotab.js
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JavaScript source, ASCII text, with very long lines (9378), with no line terminators
Hash: 24693114007d27d281e4a16ed7b3dd5f 61e0ed232ca9559a5e2e6c1cbb870c1c302aa4f7 d4c55a54ec1085a91562a97a3985abdf48fe5566b8dd33f73830f0a55992cfb3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/jquery.autotab.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Mar 2014 14:18:05 GMT
etag: W/"808c61b6eb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JupHnCu%2BjEA7qvJr%2BnswT%2FQXkxKXm2KUGxnJQeQIiIjo0ijDyrBMXAyj4Xuz%2FvwulWZ7k%2BJplUTDLYUGlhiVacqhDEpAqoGRpJEF8cEmYdgS1yAzR0GsYMG%2F%2FcV%2B1%2FRSXHTUi2txL57Yig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d2c2656cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/1718/Superdynamic/amazon/mob.jpg | 104.21.52.12 | 200 OK | 102 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/1718/Superdynamic/amazon/mob.jpg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x656, components 3
Size: 102 kB (101847 bytes)
Hash: 3fb2652bf1ec119eaf9c555a33319dfa caf3a42a36640c604ebd2a120f5d53c8998ad1c0 c35abde1b641a67565a5abaea783405b7c3397936058306dbdd8838e4299a9aa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/1718/Superdynamic/amazon/mob.jpg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=&bckm=1
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:53 GMT
content-type: image/jpeg
content-length: 101847
last-modified: Mon, 10 Feb 2020 21:02:28 GMT
etag: "b82c316755e0d51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTfkQrqUs6Gp5z8hN7V6RLg0paFcwm86xPXOCaWLUjaJyE2Yz%2BBvZ71ivlguyd7aOia7BElA3aAbCcYY7QLnEG%2B%2BumFuYMIfLW72fKpXeIwquSqbXh0Oi1ac3TgDA1F%2FVohuvQlihjRr%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a644233d8c56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/PixelEventLogIframe.aspx?FlowID=48601&VID=lUVnoHbb7nzxUegnl6Od0Q2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc= | 104.21.52.12 | 200 OK | 1.7 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/PixelEventLogIframe.aspx?FlowID=48601&VID=lUVnoHbb7nzxUegnl6Od0Q2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc=
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: JavaScript source, ASCII text, with very long lines (1879), with no line terminators
Hash: d3860bccae5bee35d81c7f78fd9dabc3 36233529ec0cf8e788430ec98eccc1ab075f8359 472625ebee8c3b8a97065f64a94a564ab878492577f6d59214abcf5b9614fad2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /PixelEventLogIframe.aspx?FlowID=48601&VID=lUVnoHbb7nzxUegnl6Od0Q2&PixelEvtID=23991&fbclid=&gclid=&ckmc=&ckmscn=&ckmsc= HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5t42HJNPJuGd%2FxkDqxOl8digls584tPilGxA7umJwMEO6Ij5RSmBUz%2FGlO6pMPEqaI4IMSHZc1dXxjgr6Y%2FIFkX9vrhF0VTTKZ9Zybath3sjIwtcaaqMnqLm4SqsmNlwZRQJjYZXH18oEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644217aba56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/Services/GetRewardValue.ashx?c=32&Value=amazon750au | 104.21.52.12 | 200 OK | 556 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/Services/GetRewardValue.ashx?c=32&Value=amazon750au
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (608), with no line terminators
Hash: abd23a79a09911fab62f2d57b62f62a9 bfa88c249a8ea3a9cd6920d5e44d381db12c607f 62d36d1aca92c3fb876e367f337012e3dc24b13979564d6dc8fcfc6cf79acad6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Services/GetRewardValue.ashx?c=32&Value=amazon750au HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: text/plain; charset=utf-8
cache-control: private
vary: Accept-Encoding
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekv6BeDiLVPCbDC72F9B%2FN68Iv%2B2GXMehBdbdMJNkta6DgNl2nPYVNZCVL%2FYsXzTeA4Q7q0KzaIrIT6KcPqydju6l4y37knbOBhULz3ZRiyNk8ciag%2F%2FPHKFxTTPocANgoNNegnXUm0Lyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a644217ac056cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/credit_cards_icon_pk.svg | 104.21.52.12 | 200 OK | 7.7 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/credit_cards_icon_pk.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate: Issuer: Google Trust Services LLC; Subject: rewardsgiant-au.com; Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27; Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: f3e244d340a0168955ac508d184d27cf efa040b849c4f7e900f569594f85aed80e5e12d4 705fb9c28c7c4d2f24720f9624b69f81ce5d2ce0231053026807e5545efc9e0c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/credit_cards_icon_pk.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Feb 2020 19:52:49 GMT
etag: W/"6385442815ecd51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Sj5WW1d%2FiMF1RxUdQKpKvQdPrEj0JKP5StRBPJ%2FS73GflKOdz81SXTLbRpit%2Ft1Dlff9TNVdufho8lUb3h%2F3yXv2Ii2204twY0z3qQDaHFlnQ6PZGlWkzQFFR8%2Fcnl%2FnvRg%2FtgnsW6o%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441d6cc556cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/exit.svg | 104.21.52.12 | 200 OK | 302 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/exit.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: rewardsgiant-au.com
Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: d31147c7929a21c3eb9da5e4528c491f e3fecb3198a5542e370e399f589ff421656421b6 6807bbee5e8dd501f3d416a76ec7375b74f4d75d1265d1368632a88fd9374bde
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/exit.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Feb 2020 20:32:53 GMT
etag: W/"a54692c11aecd51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84j7GkOi5UWgmT7yUOg2SezuIFNNYvGLVN4Vj4eIXKBLhnDjh95KsMow3TUUyNzFsxrJPnlJOKsQiPzG001COX6qUhkaJZHI7zyPVBbXXq0froNbFQUne%2BycdMFv2wapzCkk50FwpUZZpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441d6cb456cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/lvl/surveyoffers-icon.svg | 104.21.52.12 | 200 OK | 3.0 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/lvl/surveyoffers-icon.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: rewardsgiant-au.com
Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 6f60dec8513cb0a38e9f7d9bd6b8b3f7 c86edc14b63d5e1678f3966aae7fb378112f3f70 a64670475287eabbabd03e465ad5f1969a88a5da5d8b05504a3e2c856a0d92c9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/lvl/surveyoffers-icon.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Tue, 31 Aug 2021 16:32:06 GMT
etag: W/"0c76fbc859ed71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyR3kjYrAXbZAYSuzagca3fmul74ism8aMlswKLTFRwDJGU%2Bcce%2FNQR4KY3IJJFKo8rK9dixJLtf0tLCSDLFOixvc3fn8dLQv5Whp5xMrQZwmmxEMoDlixF7JAS%2FemCxiZScFuaNj2lLIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d6cb956cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&display=swap | 142.250.74.106 | 200 OK | 21 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&display=swap
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
Hash: 95dec49a30d9006780ab7a5268fc66ff c116d4efd399e070e5a86eec2a976133720a8faa af7325f9a027ed8daa2cfb32b700c32cf4fd79c691884f6960cb6cc8a3c1f365
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:34:51 GMT
date: Fri, 26 Apr 2024 11:34:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CSS/flybox.css | 104.21.52.12 | 200 OK | 1.1 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CSS/flybox.css
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: rewardsgiant-au.com
Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: ASCII text, with very long lines (1083), with no line terminators
Hash: 7d43c91ddf852248621989132752da73 02e6c8524cf8f383c3c7c15e3f24bfacdd939616 a63c72394fc9f91b4f96518822d7d4b08c41f725f544afd0cfdef2c2abf812b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CSS/flybox.css HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: text/css
last-modified: Mon, 17 Mar 2014 14:17:22 GMT
etag: W/"693ceb9ceb41cf1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19xJVymv1tC1RvWQEqd81EvFzjX%2BdZafnSX47tpTqmqWBPgYKRVsVYWSm0acdg6ckJUySlvaijmikS1d1cLxBgXZla2GpBhp0HTzloteytPsh80rz9DwMI8MSLUU%2F89nUGw9FU9t4xce%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d1c1856cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/assets/deals_icon_pk.svg | 104.21.52.12 | 200 OK | 4.0 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/assets/deals_icon_pk.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: rewardsgiant-au.com
Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: bc41471f83adfbbb658fc238297b596d 10dfbc5d8db8e82dfeacba79b2252953d9a11efa aa693935080d877b7cd4af7d2cdb62caa170f0eb822d0d5df1185e5b205abe8c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/assets/deals_icon_pk.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Feb 2020 19:52:49 GMT
etag: W/"80fe2f2815ecd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w17mm7SidGmh2MZIcV4SerBGIwE0Rriu6hokZ6LFdTzGINGuh%2BGP4C%2FNDnabYNgyXzBFMk7C9PP0M%2BIlp4lNoOsss4BDe%2BpTb26fXdYF%2BvzmdLS7Z9Cz3XRnWSVzFfeG%2FsU8mV5VLTAJyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d6cba56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/CampImg/13069/uplevels/lp_deals.svg | 104.21.52.12 | 200 OK | 54 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/uplevels/lp_deals.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: rewardsgiant-au.com
Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 1a8d08ce37ef69d7416af7434c58ffd7 15773180ef6f5f149a72cd371504281eea8d2455 ae0879e5db669ac9cfeebfcb5228eb1cf7973ea43e27714748449c2ae5d13297
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/uplevels/lp_deals.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/svg+xml
last-modified: Tue, 02 Nov 2021 14:51:55 GMT
etag: W/"8037a02df9cfd71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccUMRZYTKVSGKLeLTq1os4i5DLPFO%2FRmLpOS%2BLCiIva5k7vD1rV9W1fD%2F8agQlWkcMpf5foFPQBpB15jnXzX8E9vT%2BvjkFnrtuUFYFfu6oFjfpI2cY1aV%2FZPK5FUozuLQi1I2mWy7uP1rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d7cd356cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:ital,wght@1,200;1,300;1,400;1,500;1,600;1,700&display=swap | 142.250.74.106 | 200 OK | 4.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@1,200;1,300;1,400;1,500;1,600;1,700&display=swap
IP: 142.250.74.106:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (4864), with no line terminators
Hash: 699f8700609423344e6fe24acbf381ad 3113f1ef976eb8506910c5cebd9eed24b3c3c27f 00b8bf39880ec1e481cdedca6521493c8ab03deb2aed4b71ff54383a8fe38612
GET /css2?family=Poppins:ital,wght@1,200;1,300;1,400;1,500;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:34:51 GMT
date: Fri, 26 Apr 2024 11:34:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rewardsgiant-au.com/CampImg/13069/check-big.svg | 104.21.52.12 | 200 OK | 230 B |
URL: GET HTTP/3 www.rewardsgiant-au.com/CampImg/13069/check-big.svg
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: rewardsgiant-au.com
Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
File type: SVG Scalable Vector Graphics image
Hash: 13db28d3b82bb68b6b9c6495b8f55310 46b0fe42870fe1eef6dd8fe9c6d08ef699addb7b 568f284dbc8fe26fcd3bc99ee95d4c1d84db392a99cadad5222f979132356b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /CampImg/13069/check-big.svg HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:52 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Jun 2019 15:04:43 GMT
etag: W/"b7e04d52672bd51:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDw9mC%2B8BzMV3WsIBfSITfk6d5fbHqcM0PKipol7%2F%2BqRBzUHDPymruv2CBcnxpqt3GI0ys9M5kywbqEPGljjQWgGUiC9rSXdoGfB6Kpf6OyaYBXClKaP%2FIjzE7sFbkbojhsqqGlyqx4u%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a6441fd83956cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rewardsgiant-au.com/JS/ExternalLibrary.js | 104.21.52.12 | 200 OK | 89 kB |
URL: GET HTTP/3 www.rewardsgiant-au.com/JS/ExternalLibrary.js
IP: 104.21.52.12:443
Requested by: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Certificate:
Issuer: Google Trust Services LLC
Subject: rewardsgiant-au.com
Fingerprint: 25:51:00:BA:47:97:7B:41:0A:8B:99:92:2E:99:AB:0D:9B:94:83:27
Validity: Sun, 14 Apr 2024 03:19:14 GMT - Sat, 13 Jul 2024 03:19:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /JS/ExternalLibrary.js HTTP/1.1
Host: www.rewardsgiant-au.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rewardsgiant-au.com/?Flow=37761135-A7CD-4904-FA56-47968ED5F6E0950A4835&isPrePop=true&RBC=1&reward=amazon750au&o=212838&affsecid=4815496649&subaff1=244839&subaff2=203360&subaff3=244397&aff_pixel=&subaff4=amazon750au-default-20346&DVID=
Cookie: cf_clearance=smg3ZPli5zeUTjFZF0pEqtvVVYi7slL9uwRQFuQed9E-1714131288-1.0.1.1-ZCYcb.mQL7k1wWFzLvIxw18_dkKXWIaLY54dHJrfeiFeVp3tvBjIHa9D4iBwuglnNUUmyNVifzfqqawdyjx9ZQ; ASP.NET_SessionId=yi3lhahtdmfsant5gu3ii3zd; AF3_Cookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 11:34:51 GMT
content-type: application/javascript
last-modified: Mon, 20 Nov 2023 19:54:05 GMT
etag: W/"80acef50eb1bda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xh5iczrqcpVMSKoEu%2FFWrW3XYTTs0UmGyN87Tx4AZM4YwLzhptnA%2F%2FtEH8mOj3l52MTeYEpUfPIJbpETI%2B%2FeqAAxhRCBE0cW1VfJpmPNjk8PDUZi6Ved09ZLFDz%2F%2FuVpP6i%2BAdtOLm2P5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a6441d2c1f56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|