Report - amclicks.com/x/7384/10899/0/676047/1265663999/18842/0/0/0/

Report Overview

Submitted URL
amclicks.com/x/7384/10899/0/676047/1265663999/18842/0/0/0/
IP
52.2.18.249
ASN
#14618 AMAZON-AES
Submitted
2023-05-27 14:21:40
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-27	2.3 kB	4.9 kB	142.250.74.131
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-05-27	433 B	31 kB	142.250.74.74
signals.aimtell.com	10531	2014-02-23	2021-09-03	2023-05-27	508 B	575 B	104.18.31.151
create.lidstatic.com	24133	2015-08-14	2015-09-23	2023-05-27	466 B	127 kB	104.22.39.182
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-27	1.0 kB	3.0 kB	54.230.80.227
amclicks.com	112152	2008-03-07	2012-08-07	2023-05-27	1.2 kB	1.2 kB	107.21.226.142
deviceid.trueleadid.com	2097	2010-11-03	2018-07-10	2023-05-27	713 B	4.5 kB	3.231.15.165
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-27	2.0 kB	5.8 kB	54.230.80.227
primerewardz.com	unknown	2015-09-29	2016-01-14	2023-05-27	6.8 kB	1.4 MB	52.2.18.249
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2023-05-27	902 B	745 kB	104.18.10.207
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-27	1.6 kB	66 kB	142.250.74.35
s3.amazonaws.com	unknown	2005-08-18	2020-05-13	2023-05-26	420 B	14 kB	52.217.204.128
create.leadid.com	14598	2010-07-11	2014-01-22	2023-05-27	4.9 kB	6.5 kB	3.228.135.28
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-05-27	442 B	7.2 kB	104.17.24.14
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-27	446 B	653 kB	142.250.74.106
api.trustedform.com	23021	2009-02-13	2012-10-29	2023-05-27	2.6 kB	2.0 kB	52.4.12.52
pushpros.tech	247253	2019-08-26	2020-07-31	2023-05-27	495 B	2.7 kB	54.230.111.92
d2m2wsoho8qq12.cloudfront.net	unknown	2008-04-25	2013-05-25	2023-05-27	704 B	2.0 kB	54.230.245.38
cdn.trustedform.com	24659	2009-02-13	2020-08-27	2023-05-27	950 B	46 kB	54.230.111.60

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-27	medium	primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
2023-05-27	medium	primerewardz.com/assets/js/jquery.email-autocomplete.min.js
2023-05-27	medium	primerewardz.com/assets/js/plugins/email.verify.1.1.js
2023-05-27	medium	primerewardz.com/assets/js/pop_window.js
2023-05-27	medium	primerewardz.com/assets/img/guarantee_badge.svg
2023-05-27	medium	primerewardz.com/assets/js/templ_standard_js.min.js
2023-05-27	medium	primerewardz.com/assets/js/jquery.email-autocomplete.min.js
2023-05-27	medium	primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	primerewardz.com/assets/js/pop_window.js	4.2 kB	2023-03-07	2023-12-29
Pretty URL primerewardz.com/assets/js/pop_window.js IP 52.2.18.249 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2023-12-29 04:35:32 Times Seen473 Hash 5ab611ffa62c4d2208e8b06c984337ec 7b1f19e115be9f0b90d7791ce2ca85e5ee536b82 c878606d2efe52e77a736f5bca231a2a62281697138d10416088282fd8a090ee Loading...

	primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no#	67 B	2023-03-07	2023-12-29
Pretty URL primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:06:31 Last Seen2023-12-29 03:52:39 Times Seen132 Hash 2ddc81524cc1a70118e892a101b354af 2c1baf1b96a222a1e1700c9aea4be96b9c085033 c650318ffcb81ec462747810af812f188a9d41a19b2cdb641677a025298cd548 Loading...

	create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&uuid=a4e5711408e5482395d2a0339a2670fd	0 B	2023-03-07	2024-04-26
Pretty URL create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&uuid=a4e5711408e5482395d2a0339a2670fd IP 3.228.135.28 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 14:12:09 Times Seen37092965 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.trustedform.com/trustedform-1.8.39.js	105 kB	2023-05-12	2023-08-18
Pretty URL cdn.trustedform.com/trustedform-1.8.39.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 21:13:47 Last Seen2023-08-18 17:59:16 Times Seen1062 Hash 9c2830f2c2e5b9cb27e0e7f151317cbe 7e0b45f1cf0f826b0aaaf792e20bdd77d27c6b3a fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js	19 kB	2023-03-07	2024-04-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:14 Last Seen2024-04-24 17:00:54 Times Seen1725 Hash aad2475f1e2615224fa9716b53954be2 4f08d328c845410583e0a05c8d5a5bc61c23db47 8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-26 14:08:39 Times Seen341880 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2	126 kB	2023-03-07	2024-01-16
Pretty URL create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 IP 104.22.39.182 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-16 16:52:02 Times Seen739 Hash 97495a102c98049f30e62264b1eb50f5 2826aca635888817ca3869a59dda0f1c53e32788 e3d44f6e098f5d3c6b47bb00453dbb1d58b7848332ffc70fc756009b189ba322 Loading...

	unknown	2.2 kB	2023-04-01	2023-05-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:02:29 Last Seen2023-05-29 08:36:24 Times Seen56 Hash b2140b80ec91506e366e232f172f43f7 76f24f6d30551c8b5e520b3ab80726de1da44a3b 5e9ef51a37e1262bb0eb943ad8109d95cdce63d603bedcb163a4623df606319e Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	0 B	2023-03-07	2024-04-26
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 54.230.245.38 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 14:12:09 Times Seen37092965 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false	7.5 kB	2023-05-12	2023-08-18
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false IP 52.4.12.52 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 21:13:47 Last Seen2023-08-18 17:59:15 Times Seen591 Hash 88ddf717f635b54023edd7480431e1d1 331e6a49d576b60547bdf48458aff2b56a1dd12e d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-24
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:27 Last Seen2024-04-24 17:00:55 Times Seen2705 Hash 46b549bdc90920f18a911f186b9dd75c 3c639c4af5c036a6ee364215bd12c0b12937827d 1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5 Loading...

	deviceid.trueleadid.com/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	4.2 kB	2023-04-05	2024-04-25
Pretty URL deviceid.trueleadid.com/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 3.231.15.165 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 03:18:50 Last Seen2024-04-25 20:36:20 Times Seen1620 Hash 888397723b0cae5a849306756b87634d 2afbc2fe73160ce20dc626b552d4a2f84dce5d79 e5a55390140fb7ef34b7eec67edb995dd3ae18f313b72aeb6a1921cc2d6dd3ad Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 14:10:49 Times Seen62763 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/sandbox%20eval%20code	147 B	2023-04-11	2024-04-26
Pretty URL primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-26 14:08:39 Times Seen342379 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	unknown	46 B	2023-04-11	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:36:29 Last Seen2024-04-26 05:07:52 Times Seen5919 Hash 5c399557f73fcf0024f42259cf94ee17 d2f46cbd088e9b289e63cc23e2377462c6459e3f 254e737260e5ff4f6043abc4ab52ee1f9ea6e9eab066b5c7ac1665c4cf75692b Loading...

	unknown	11 B	2023-04-15	2023-12-29
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-15 11:23:36 Last Seen2023-12-29 03:52:39 Times Seen41 Hash e3549f3e4042e9452cca93273806f488 c8a1f51b122a962ff0ba278ffeedbde2acd1ca2f a4b9d32d78361a6e932b45f94536ff8bdfcc5cde9ac95154a5cdf39efddd793e Loading...

	primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no	652 B	2023-05-26	2023-05-29
Pretty URL primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no IP 52.2.18.249 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-26 18:21:38 Last Seen2023-05-29 08:36:24 Times Seen7 Hash 26c35164860540bf80c0d53ac3753101 5f276816eccc498983d689ddf827c6b1b179dfeb f3db268ad91ca1a9426e8768f1f0b88db0954387f5dfed1cbf126c71dcc2ca59 Loading...

	primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no#	461 B	2023-04-01	2024-01-19
Pretty URL primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-01 10:49:02 Last Seen2024-01-19 16:43:40 Times Seen414 Hash 95fbacefcf06d1f8e91799de1c2ad128 aa178b1965fdc13f459aa505214aeba0c086df98 244c64ba5bca79610402c6477ae8b3cca9b1d2448aa70e6ca34e3a8b1b7dab1c Loading...

	s3.amazonaws.com/trackpush/trackpush.min.js	48 kB	2023-03-09	2023-06-01
Pretty URL s3.amazonaws.com/trackpush/trackpush.min.js IP 52.217.204.128 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:17:44 Last Seen2023-06-01 20:05:18 Times Seen631 Hash d470356148c00da67db3c9bdaecc90f9 d12a4df31633cf9a982bd6e8c3ffbc2449b1753f 5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054 Loading...

	primerewardz.com/assets/js/jquery.email-autocomplete.min.js	3.2 kB	2023-03-07	2023-12-29
Pretty URL primerewardz.com/assets/js/jquery.email-autocomplete.min.js IP 52.2.18.249 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2023-12-29 04:35:32 Times Seen646 Hash e52c1b9d782a5f900404c7d6b19913b3 92a6f34824da998a181a36ede877ffb611a194aa 369f3c1ba5e42e3b55ca10f6cf763f5e6811af0f44e0b61b84852aa19081de3e Loading...

	primerewardz.com/assets/js/plugins/email.verify.1.1.js	5.3 kB	2023-03-07	2023-12-29
Pretty URL primerewardz.com/assets/js/plugins/email.verify.1.1.js IP 52.2.18.249 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2023-12-29 04:35:32 Times Seen485 Hash 172c7088f34c1c375ae260a028a9f0cf 150684d6ffcd2e12727954790e17685b3410ff95 d3c8d6a7d5f212160de2ead76c91e553cd29e8f2271536586ccb41d401fab4ad Loading...

	primerewardz.com/assets/js/templ_standard_js.min.js	2.4 kB	2023-03-07	2023-12-29
Pretty URL primerewardz.com/assets/js/templ_standard_js.min.js IP 52.2.18.249 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2023-12-29 04:35:32 Times Seen473 Hash 36eb8ad9bbfc0fb3de0c0724e98056e4 0d26daccbee4cd7fbc3b0d1c154c9d30d3449e45 aa7506c4bb3cd1be57d7e487d908bc0a299beef8ee09950189dcd39d691566d9 Loading...

	primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no#	100 B	2023-05-26	2023-12-29
Pretty URL primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-26 18:21:26 Last Seen2023-12-29 03:49:35 Times Seen20 Hash 7c7cbf40b45061177c6b02933aa343da faaea0adbd129e6e813a3151c8748c25cddd4ebf 84bc9e10a5c1a95304c6186bf7c4233f4bc1c331295b106113a61f05626bc337 Loading...

	primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no#	592 B	2023-03-07	2024-01-19
Pretty URL primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen746 Hash b7819f20ec3d377b9fb124f8f0e8ceb4 bc1c20068326ed8b2630a25df9f6f4b2dc281638 a4124d51bb27da6fe4eb67bb019de6d0999d38cfe588b59f38ceaebe7c409488 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-25 20:36:21 Times Seen2541 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

HTTP Transactions (59)

URL IP Response Size

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bf8b77fec24c3a857af67d46f66073c5
37fdb0b8c4ea7114fd30f794125959e970a53e2d
fcb71b35e1074ee867984ae2a003a6a770b8f74349a13f1a1e4d2a0fa4baf1e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 27 May 2023 14:21:21 GMT
Etag: "647188e1-1d7"
Expires: Sat, 27 May 2023 16:21:21 GMT
Last-Modified: Sat, 27 May 2023 04:36:49 GMT
Server: ECAcc (dcb/7EDB)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yLdGiOclUzQiPUClB4YGtegGeBylQIUDJL4SQbqMEtqh9IOG97-lCw==
Age: 1697

amclicks.com/x/7384/10899/0/676047/1265663999/18842/0/0/0/

107.21.226.142

302 Found

172 B

URL User Request GET HTTP/2
amclicks.com/x/7384/10899/0/676047/1265663999/18842/0/0/0/
IP
107.21.226.142:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectamclicks.com
Fingerprint04:1C:1F:8F:32:D6:9B:38:B8:D9:D5:1A:78:D3:FE:67:41:65:CC:B6
ValidityThu, 02 Mar 2023 00:00:00 GMT - Wed, 23 Aug 2023 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
ae24976005eae1c49dd1804401ae65ca
4d73ed89c4eb14dc5bafa8d02bbab9e0531c384f
f6686537fd25978d5bb858908eb0cf5c3aa392b23061ad6d1632004b85105667

HTTP Headers

GET /x/7384/10899/0/676047/1265663999/18842/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:21 GMT
content-type: text/html; charset=UTF-8
content-length: 172
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ci_session=nviogqog4gjfqigegqod467et364rloj; expires=Sat, 27-May-2023 16:21:21 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
ref=1; expires=Sat, 27-May-2023 15:21:21 GMT; Max-Age=3600
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

amclicks.com/x/7384/10899/0/676047/1265663999/18842/0/0/0/

107.21.226.142

302 Found

0 B

URL User Request GET HTTP/2
amclicks.com/x/7384/10899/0/676047/1265663999/18842/0/0/0/
IP
107.21.226.142:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectamclicks.com
Fingerprint04:1C:1F:8F:32:D6:9B:38:B8:D9:D5:1A:78:D3:FE:67:41:65:CC:B6
ValidityThu, 02 Mar 2023 00:00:00 GMT - Wed, 23 Aug 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /x/7384/10899/0/676047/1265663999/18842/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amclicks.com/x/7384/10899/0/676047/1265663999/18842/0/0/0/
Cookie: ref=1; ci_session=nviogqog4gjfqigegqod467et364rloj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sat, 27 May 2023 14:21:21 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
81c6828ce360a1fa14451d2854a730cc
b0a38371fefd611985eb361d0f00e74ef9dfc89a
fe91147d2a184f33acc2d9796fbe4717e32c8ab0103db9c6d69ab5cfd13dc03c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 14:21:22 GMT
Last-Modified: Sat, 27 May 2023 13:44:11 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1f61j0FOvs9muPsQky2TwAjjW4OEj6we7lvqVQBLuXJWxF2jCXJO4g==
Age: 2231

primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no

52.2.18.249

200 OK

5.2 kB

URL User Request GET HTTP/2
primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1124)
Size
5.2 kB (5154 bytes)
Hash
4b1d2ef364862c2359ec821355c64fee
1b04bdc4beeacb4ae1c0dc22f52a421111ea2937
b370c7308d73b87b4f35ae1bd0e76e72ed981bc7a87052a31fe85e86156ed22b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amclicks.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: text/html; charset=UTF-8
content-length: 5154
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (19063)
Size
6.2 kB (6174 bytes)
Hash
aad2475f1e2615224fa9716b53954be2
4f08d328c845410583e0a05c8d5a5bc61c23db47
8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce

HTTP Headers

GET /ajax/libs/popper.js/1.12.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 6174
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4b24"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3830741
expires: Thu, 16 May 2024 14:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUEajijcHcCUM%2FQRBDGA4OyP4iDS8alqwXNkREakjoSVpJ3lekfuaH0HTX8d67AApokNk7QASNrvHUWkHO39O8uVLkLcCXeiii1KlRr0B4vP4xHhbxMfa7%2BqINpw5Uhs0SLy43Y5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cdee76738aa1bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

primerewardz.com/assets/css/loading_icon_1.css

52.2.18.249

200 OK

580 B

URL GET HTTP/2
primerewardz.com/assets/css/loading_icon_1.css
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
ASCII text
Size
580 B (580 bytes)
Hash
053b0d384c5e6cac600ccf5a8653e78d
58a6473f06c39c9338e2baaa1474c112e9d3f2e9
091a6575c7efe80624d5054b93b61cd16e00398e10c495511c1af7dc063e882a

HTTP Headers

GET /assets/css/loading_icon_1.css HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

primerewardz.com/assets/js/jquery.email-autocomplete.min.js

52.2.18.249

200 OK

1.3 kB

URL GET HTTP/2
primerewardz.com/assets/js/jquery.email-autocomplete.min.js
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2986)
Size
1.3 kB (1279 bytes)
Hash
e52c1b9d782a5f900404c7d6b19913b3
92a6f34824da998a181a36ede877ffb611a194aa
369f3c1ba5e42e3b55ca10f6cf763f5e6811af0f44e0b61b84852aa19081de3e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.email-autocomplete.min.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: application/javascript
content-length: 1279
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:10 GMT
etag: "c5e-5c80ac301ea00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

primerewardz.com/assets/js/plugins/email.verify.1.1.js

52.2.18.249

200 OK

1.5 kB

URL GET HTTP/2
primerewardz.com/assets/js/plugins/email.verify.1.1.js
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
assembler source, ASCII text, with very long lines (947)
Size
1.5 kB (1470 bytes)
Hash
172c7088f34c1c375ae260a028a9f0cf
150684d6ffcd2e12727954790e17685b3410ff95
d3c8d6a7d5f212160de2ead76c91e553cd29e8f2271536586ccb41d401fab4ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/plugins/email.verify.1.1.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: application/javascript
content-length: 1470
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:14 GMT
etag: "14c2-5c80ac33e27e0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

primerewardz.com/assets/js/pop_window.js

52.2.18.249

200 OK

752 B

URL GET HTTP/2
primerewardz.com/assets/js/pop_window.js
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
ASCII text
Size
752 B (752 bytes)
Hash
5ab611ffa62c4d2208e8b06c984337ec
7b1f19e115be9f0b90d7791ce2ca85e5ee536b82
c878606d2efe52e77a736f5bca231a2a62281697138d10416088282fd8a090ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/pop_window.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: application/javascript
content-length: 752
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:14 GMT
etag: "1085-5c80ac33e7600-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 14:21:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css

104.18.10.207

200 OK

21 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65318)
Size
21 kB (21151 bytes)
Hash
95df726a7936892cf645a57c1ccf3b75
3e035b1a98c46848c442529af959270bae59471b
414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7

HTTP Headers

GET /bootstrap/4.0.0-beta.2/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:03 GMT
cdn-cachedat: 11/02/2021 02:15:40
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 5014485a46d581605d0e095f8e21f934
cdn-cache: HIT
cf-cache-status: HIT
age: 30638075
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cdee76739d31c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (32058)
Size
30 kB (30306 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 10:44:17 GMT
expires: Wed, 22 May 2024 10:44:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 358625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

primerewardz.com/assets/img/guarantee_badge.svg

52.2.18.249

200 OK

7.1 kB

URL GET HTTP/2
primerewardz.com/assets/img/guarantee_badge.svg
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (7104), with no line terminators
Size
7.1 kB (7104 bytes)
Hash
19028bac308549aeb0e41a418646e2df
43209bcef38e912327857ef68ee8796d78c52ca0
977ed311f2c3818040fb8d87f3d93f94088749446b0e2d03b54fd73506e9ab7e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/guarantee_badge.svg HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: image/svg+xml
content-length: 7104
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 06 Nov 2017 17:45:19 GMT
etag: "1bc0-55d54049409c0"
accept-ranges: bytes
X-Firefox-Spdy: h2

primerewardz.com/assets/js/templ_standard_js.min.js

52.2.18.249

200 OK

981 B

URL GET HTTP/2
primerewardz.com/assets/js/templ_standard_js.min.js
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (937)
Size
981 B (981 bytes)
Hash
36eb8ad9bbfc0fb3de0c0724e98056e4
0d26daccbee4cd7fbc3b0d1c154c9d30d3449e45
aa7506c4bb3cd1be57d7e487d908bc0a299beef8ee09950189dcd39d691566d9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/templ_standard_js.min.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: application/javascript
content-length: 981
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 11 Nov 2021 17:25:09 GMT
etag: "987-5d0869fd7fe28-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 14:21:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 14:21:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

primerewardz.com/assets/js/jquery.email-autocomplete.min.js

52.2.18.249

200 OK

1.3 kB

URL GET HTTP/2
primerewardz.com/assets/js/jquery.email-autocomplete.min.js
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2986)
Size
1.3 kB (1279 bytes)
Hash
e52c1b9d782a5f900404c7d6b19913b3
92a6f34824da998a181a36ede877ffb611a194aa
369f3c1ba5e42e3b55ca10f6cf763f5e6811af0f44e0b61b84852aa19081de3e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.email-autocomplete.min.js HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: application/javascript
content-length: 1279
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:10 GMT
etag: "c5e-5c80ac301ea00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 14:21:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 14:21:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 14:21:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2

142.250.74.35

200 OK

32 kB

URL GET HTTP/2
fonts.gstatic.com/s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31564, version 1.0\012- data
Size
32 kB (31564 bytes)
Hash
34b8d410c61dcbac31c06d4e72e17e22
f8edc32d045953f1190f2503da2bd590048f5fc6
21a5a1944ae56ff8b3142b32a4e54eab52dd4a630d2161179b8b98a5cbe8b80d

HTTP Headers

GET /s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:17:37 GMT
expires: Thu, 23 May 2024 00:17:37 GMT
cache-control: public, max-age=31536000
age: 309825
last-modified: Tue, 02 May 2023 16:04:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:11:48 GMT
expires: Sun, 26 May 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 40174
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 23801
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 14:21:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6016d8aecc5f7f916578adb04efbe4d3
0ff6b322c9fa6ab8ad290bb87c068fe6416d4252
a5b85caac39146b22cc6927de76a3be642896398491bca76cb43a6113a837cf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 14:21:23 GMT
Last-Modified: Sat, 27 May 2023 12:33:57 GMT
Server: ECAcc (dcb/7EDB)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JQ1M2mCOhMMn7NkDSnLRpbemhEtdjmiLUxiveh4mmcFRVbJgUg-JHQ==
Age: 6446

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e000fd2f31a5f6fcca0f190894531f48
45d21c6cb11ecbe8132bd102f07a63d1e40a2f11
c4c863b3aad9c3703d5668da33570cb6f91607761f7db2f47810ebf3eaad5f43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 27 May 2023 14:21:23 GMT
Etag: "6471ad78-1d7"
Expires: Sat, 27 May 2023 16:21:23 GMT
Last-Modified: Sat, 27 May 2023 07:12:56 GMT
Server: ECAcc (nya/7970)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: z21AWDQyw29-h8o7vOGPA_KMrOJqUKdzsfG8qWcBRArfqlv69RPrDQ==
Age: 5955

fonts.googleapis.com/css?family=Playball|Roboto:400,700

142.250.74.106

200 OK

652 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Playball|Roboto:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
gzip compressed data, max compression\012- data
Size
652 kB (651980 bytes)
Hash
574f3499fd482737c00425e67277ab90
19240ed0371f1e7ef729e1abf3417e426147237a
a87ff8fd730fcf29e54caf416eead850792a10da0e87aaf6a2cb7f3677bcaedf

HTTP Headers

GET /css?family=Playball|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 14:21:22 GMT
date: Sat, 27 May 2023 14:21:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false

52.4.12.52

301 Moved Permanently

134 B

URL GET HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false
IP
52.4.12.52:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Sat, 27 May 2023 14:21:23 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js

104.18.10.207

200 OK

722 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (50277)
Size
722 kB (722232 bytes)
Hash
46b549bdc90920f18a911f186b9dd75c
3c639c4af5c036a6ee364215bd12c0b12937827d
1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5

HTTP Headers

GET /bootstrap/4.0.0-beta.2/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:03 GMT
cdn-cachedat: 2021-04-23 06:28:09
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9ac53c2137aaf1cc3a74aff1812514f
cdn-cache: HIT
cf-cache-status: HIT
age: 1771204
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cdee76739d51c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4df66cbd2bcaf55aa8222e8cc97cce83
836ba6bcd272661717defea8264f5c545318b9c2
2e58b01969b0adb24175ccc75dd6448280b51de238d8e85002967dd3bb25d0d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 14:21:23 GMT
Last-Modified: Sat, 27 May 2023 13:28:00 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p6WVWmamyINZJ_YUjHslBE6MUuQHY_b55pqJBRY2Op3kVAcPO0s3tg==
Age: 3203

pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=primerewardz.com

54.230.111.92

200 OK

2.2 kB

URL GET HTTP/2
pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=primerewardz.com
IP
54.230.111.92:443
ASN
#16509 AMAZON-02

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectpushpros.tech
FingerprintF1:27:D4:0A:37:DD:69:2C:97:CF:48:D1:1A:24:56:E0:17:C8:BB:F9
ValidityThu, 04 May 2023 00:00:00 GMT - Sat, 01 Jun 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (2182), with no line terminators
Size
2.2 kB (2182 bytes)
Hash
dda4b2ad967142d30726ca20e8af93bc
1ac1a32ccaf48712a3ed31e45851a2f96ef3168e
24a95847ba714c08305ac2b7407543967f0faa87189874fb0a2b38a3c628efce

HTTP Headers

GET /GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=primerewardz.com HTTP/1.1
Host: pushpros.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://primerewardz.com/
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
content-length: 2182
date: Sat, 27 May 2023 14:21:23 GMT
x-amzn-requestid: 45f210c7-9af0-4793-90c4-9366995755e3
access-control-allow-origin: *
x-amz-apigw-id: Fle7lE0loAMFeww=
x-amzn-trace-id: Root=1-647211e3-763c05472d3a63007c6c496d;Sampled=0;lineage=ce85cba6:0
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lrd5r9kkysDnPo9uZSCmyCp0OK4KlHKTUdnxrae6iaF0NB5F98Kd4w==
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3414da96a3b0e6322694a601f5ffe360
ed3aa9d5cdf90ae4f1901a6e15e57b9557d6f31b
486a206e8c9933fbfe6070d858b8c33565ca01e1c2cd013bd39a7eb050fe9503

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 14:21:23 GMT
Last-Modified: Sat, 27 May 2023 12:51:21 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZSouBUfAdGi8XrKkw8xxAG5vUezzMlvLpYkxo1i76gTuDc7JS0hUtA==
Age: 5402

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3f8fb8387707bbc25396187033234c1f
5683dd096e7fa22c8d744aa6c14797c6ea169643
c1571a2db6b805e3b8ed5755eca91ca8a368cbdb38fc0ba05f03053e658210b6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 27 May 2023 14:21:23 GMT
Etag: "6471b8bc-1d7"
Expires: Sat, 27 May 2023 16:21:23 GMT
Last-Modified: Sat, 27 May 2023 08:01:00 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bOCkxS7akvyBQuBds3ubiEB6dXEg1ky7_NlAHdLIvsbYaLeEgqHcOQ==
Age: 3121

primerewardz.com/favicon.ico

52.2.18.249

200 OK

5.4 kB

URL GET HTTP/2
primerewardz.com/favicon.ico
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:23 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2

d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

54.230.245.38

200 OK

1.4 kB

URL GET HTTP/1.1
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
54.230.245.38:443
ASN
#16509 AMAZON-02

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.4 kB (1449 bytes)
Hash
f383924b4df21ad2fe7e8882c61bd5ce
465f78b89eaf1a5aaea70d27ddef8bd19b72fee5
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

HTTP Headers

GET /iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sat, 27 May 2023 05:20:16 GMT
ETag: W/"643ec1f4-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f-P0iVkMI2_9chDRBNfaMWjkxcsPwot7HVGGShXqWJk5e6wtEe-VDg==
Age: 78849

s3.amazonaws.com/trackpush/trackpush.min.js

52.217.204.128

200 OK

13 kB

URL GET HTTP/1.1
s3.amazonaws.com/trackpush/trackpush.min.js
IP
52.217.204.128:443
ASN
#16509 AMAZON-02

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint94:B9:7C:21:8C:A0:94:8C:1A:34:F7:CB:48:59:A4:A2:B4:E5:81:03
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 20 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (47625), with no line terminators
Size
13 kB (13264 bytes)
Hash
d470356148c00da67db3c9bdaecc90f9
d12a4df31633cf9a982bd6e8c3ffbc2449b1753f
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054

HTTP Headers

GET /trackpush/trackpush.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: xyizpIPZZ3pjDsxrwqmi5R2+cJnIOZcj26LnjRAxmAnwzH1VBwOrB3xfwPLyQMSJJDEujLW2bcU=
x-amz-request-id: MHZDYSNPTKFAW8JJ
Date: Sat, 27 May 2023 14:21:24 GMT
Last-Modified: Thu, 03 Nov 2022 18:51:50 GMT
ETag: "cbd14612441d2cca730df2e3c9f185c1"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 13264

create.leadid.com/2.11.9/SaveDom?msn=2&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683472

3.228.135.28

200 OK

63 B

URL POST HTTP/2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683472
IP
3.228.135.28:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
63 B (63 bytes)
Hash
470a9dd204e80ec863ccfe8718f01007
7fe9a0c387cd762d772d1f7918733a769f263403
ce10314f90bff2aed46f8f5fea9845ee4c8d956a0c1d98a89e5045619aa2d322

HTTP Headers

POST /2.11.9/SaveDom?msn=2&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683472 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 496
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:24 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rguserid=da2bdc18-6940-4785-9990-c34319b45de0; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e25d94cfa45a29c932fae528da538185
1d8fe43592b56bf06968d220c8f8197b99c0c72f
3b5a87c65aa8794afa47ea457b8334d0290ea29d9ff7d5fd0c828565f470026e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 14:21:24 GMT
Last-Modified: Sat, 27 May 2023 13:42:52 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ld_UjY71wB-bI9tBNzR_Ok4nyVwQFFd1wuDPcfrunInDOgFMkGdgxg==
Age: 2313

api.trustedform.com/certs

52.4.12.52

201 Created

475 B

URL POST HTTP/2
api.trustedform.com/certs
IP
52.4.12.52:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
823824dbc8e8cabf6575d1d73c7b0f79
ca09a34cd0abf4e11699bc87d0a80654ecdbd18d
50be537ae6fc000698dce7e152ff6e94f5d5754e6313f5f6ef1d15428a3257db

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 664
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 201 Created
date: Sat, 27 May 2023 14:21:25 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.39.js

54.230.111.60

200 OK

38 kB

URL GET HTTP/2
cdn.trustedform.com/trustedform-1.8.39.js
IP
54.230.111.60:443
ASN
#16509 AMAZON-02

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (37481 bytes)
Hash
9c2830f2c2e5b9cb27e0e7f151317cbe
7e0b45f1cf0f826b0aaaf792e20bdd77d27c6b3a
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

HTTP Headers

GET /trustedform-1.8.39.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
server: AmazonS3
content-encoding: gzip
date: Sat, 27 May 2023 14:21:25 GMT
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RjiahxSF_ZPG4KjMqPDh6FH0iuHlR4Q906TNDZiA2S8SYYzdkf2-UA==
age: 1
X-Firefox-Spdy: h2

api.trustedform.com/certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/fingerprints

52.4.12.52

204 No Content

0 B

URL POST HTTP/2
api.trustedform.com/certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/fingerprints
IP
52.4.12.52:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 176
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 27 May 2023 14:21:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/Snap?msn=4&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683474

3.228.135.28

200 OK

20 B

URL POST HTTP/2
create.leadid.com/2.11.9/Snap?msn=4&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683474
IP
3.228.135.28:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

POST /2.11.9/Snap?msn=4&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683474 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 167767
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:25 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 14:21:25 GMT; Max-Age=2592000; path=/
rguserid=b123855a-2dbe-42e5-8b1e-ecd520e84093; expires=Mon, 26-Jun-2023 14:21:25 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 14:21:25 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 14:21:25 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
81c6828ce360a1fa14451d2854a730cc
b0a38371fefd611985eb361d0f00e74ef9dfc89a
fe91147d2a184f33acc2d9796fbe4717e32c8ab0103db9c6d69ab5cfd13dc03c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 27 May 2023 14:21:36 GMT
Etag: "6471a0e7-1d7"
Expires: Sat, 27 May 2023 16:21:36 GMT
Last-Modified: Sat, 27 May 2023 06:19:19 GMT
Server: ECAcc (nya/78E9)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oaSsGqnIZn52HkJmf0MeDbtEolM6EWBWeChHWhQl2RLH65B45gVW5g==
Age: 3295

primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no

52.2.18.249

200 OK

5.2 kB

URL User Request GET HTTP/2
primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1124)
Size
5.2 kB (5154 bytes)
Hash
4b1d2ef364862c2359ec821355c64fee
1b04bdc4beeacb4ae1c0dc22f52a421111ea2937
b370c7308d73b87b4f35ae1bd0e76e72ed981bc7a87052a31fe85e86156ed22b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:36 GMT
content-type: text/html; charset=UTF-8
content-length: 5154
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=ddodkv7vuprkk7nqkv5ptna9rdggv2th; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

primerewardz.com/assets/img/campaign/1200_bg.jpg

52.2.18.249

200 OK

651 kB

URL GET HTTP/2
primerewardz.com/assets/img/campaign/1200_bg.jpg
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3840x2305, components 3\012- data
Size
651 kB (651297 bytes)
Hash
c1679eec674158c15e0ccb8c569dd206
7b3f9217b1d43fc7673c287b3267ebfe48071f4a
7fe2fae5ff0fc8e53499d44a560bafb86931c14aae49f1c01ff152a16e22d2e6

HTTP Headers

GET /assets/img/campaign/1200_bg.jpg HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: image/jpeg
content-length: 651297
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:32:39 GMT
etag: "9f021-5d7afd9f0fc38"
accept-ranges: bytes
X-Firefox-Spdy: h2

primerewardz.com/assets/img/campaign/1200_welcome.png

52.2.18.249

200 OK

709 kB

URL GET HTTP/2
primerewardz.com/assets/img/campaign/1200_welcome.png
IP
52.2.18.249:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT

File type
PNG image data, 1517 x 1183, 8-bit/color RGBA, non-interlaced\012- data
Size
709 kB (708688 bytes)
Hash
b74ab05c4fd0c1aa56fac019a132ba46
1b5c4b2d6219f56070e34bb984bd70dee73fb76f
25a4080d24a34c9f3cec714c55e06fb77742658289c9fa78599f621176a79742

HTTP Headers

GET /assets/img/campaign/1200_welcome.png HTTP/1.1
Host: primerewardz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Cookie: ci_session=34ta1mj6r3batl8h2dks88kut24lk34u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:22 GMT
content-type: image/png
content-length: 708688
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:32:41 GMT
etag: "ad050-5d7afda0d3e98"
accept-ranges: bytes
X-Firefox-Spdy: h2

api.trustedform.com/certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/events

52.4.12.52

204 No Content

0 B

URL POST HTTP/2
api.trustedform.com/certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/events
IP
52.4.12.52:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 214
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 27 May 2023 14:21:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/GenerateToken?msn=1&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&_=958683471

3.228.135.28

200 OK

36 B

URL POST HTTP/2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&_=958683471
IP
3.228.135.28:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
373d7b836ea74fc5834cb737513e8eae
f2c543fb00d14b87227990aec55a64a30e7fd758
0cf7274d8f5be0d4c9610d31d30ce82a9d605f48db973871a946105e77d16b9b

HTTP Headers

POST /2.11.9/GenerateToken?msn=1&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&_=958683471 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 292
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:23 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 14:21:23 GMT; Max-Age=2592000; path=/
rguserid=26894683-3bbc-4a13-84b3-10cc278c0333; expires=Mon, 26-Jun-2023 14:21:23 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 14:21:23 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 14:21:23 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/Snap?msn=6&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683476

3.228.135.28

200 OK

0 B

URL POST HTTP/2
create.leadid.com/2.11.9/Snap?msn=6&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683476
IP
3.228.135.28:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /2.11.9/Snap?msn=6&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683476 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 139879
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:26 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 14:21:26 GMT; Max-Age=2592000; path=/
rguserid=622ca8f1-9bcb-46bb-b8a2-3e8810eeeaa5; expires=Mon, 26-Jun-2023 14:21:26 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 14:21:26 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 14:21:26 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=3&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683473

3.228.135.28

200 OK

0 B

URL POST HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683473
IP
3.228.135.28:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /2.11.9/InitFormData?msn=3&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683473 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1238
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:24 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rguserid=4d889179-5b1f-4cc4-8057-ca02162e63bb; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

signals.aimtell.com/pageview?id_site=12400&v=3.974&support=0&state=default&wl=1

104.18.31.151

200 OK

43 B

URL POST HTTP/2
signals.aimtell.com/pageview?id_site=12400&v=3.974&support=0&state=default&wl=1
IP
104.18.31.151:443
ASN
#13335 CLOUDFLARENET

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerCloudflare, Inc.
Subjectaimtell.com
Fingerprint1C:CD:DA:C4:62:7E:59:6E:A3:E5:F3:89:A3:BD:88:CA:D9:F0:F7:3D
ValiditySat, 08 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /pageview?id_site=12400&v=3.974&support=0&state=default&wl=1 HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://primerewardz.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal
aimtell-hash-exists: 0
aimtell-signal: 0
aimtell-traverse: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdee7720bb5b4f4-OSL
X-Firefox-Spdy: h2

cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false

54.230.111.60

200 OK

7.5 kB

URL GET HTTP/2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false
IP
54.230.111.60:443
ASN
#16509 AMAZON-02

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7726), with no line terminators
Size
7.5 kB (7518 bytes)
Hash
9922363fd118cee80f733b7f8cf45e5c
c58005d21a1da4c611549651099127ff0f2ab9f6
1c01e146dfe11b2f712393fa866f782d0ea7d52ba076fb66739de8bbcd712565

HTTP Headers

GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16851972826110.3423783765215108&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://primerewardz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Sat, 27 May 2023 14:21:24 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
etag: W/"88ddf717f635b54023edd7480431e1d1"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: do8dtYbwjIcnc9WWGJbo8j5keCFeGGmMtk4yTJcHUXuGza9xgrtnxg==
X-Firefox-Spdy: h2

create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2

104.22.39.182

200 OK

126 kB

URL GET HTTP/2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP
104.22.39.182:443
ASN
#13335 CLOUDFLARENET

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerCloudflare, Inc.
Subjectlidstatic.com
FingerprintF7:D5:3C:A9:3E:B6:D5:BF:11:CB:69:9F:0B:34:88:4F:18:79:BC:88
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT

File type

Size
126 kB (126350 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:23 GMT
content-type: text/javascript
x-amz-id-2: kVBGEAUx47lxyuJZOhYviXpJGIkiVbmk+c6uPb89kAC50DamnXpsljZDC8CG/J9QyocC7LR0AvI=
x-amz-request-id: N4537WQ29D95J6QB
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdee76a8d750a1c-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

deviceid.trueleadid.com/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

3.231.15.165

200 OK

4.2 kB

URL GET HTTP/2
deviceid.trueleadid.com/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
3.231.15.165:443
ASN
#14618 AMAZON-AES

Requested by
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate
IssuerAmazon
Subjectdeviceid.trueleadid.com
FingerprintD8:8B:86:53:4A:F3:E9:53:1D:C4:CD:CB:91:CD:50:50:B0:84:BA:DB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4323), with no line terminators
Size
4.2 kB (4169 bytes)
Hash
27a57862137bf0b580930f288703c507
20114057bbb1f8a2ca6f1b6a2d81fe7f2b75c64a
b0019d4447d91be93f68b8fb233b8fcccc542e3dffc16d4dc9c9f71bc9704550

HTTP Headers

GET /iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:24 GMT
content-type: text/html
server: nginx
last-modified: Tue, 23 May 2023 16:17:22 GMT
etag: W/"646ce712-1049"
expires: Sun, 28 May 2023 14:21:24 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&uuid=a4e5711408e5482395d2a0339a2670fd

3.228.135.28

200 OK

0 B

URL GET HTTP/2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&uuid=a4e5711408e5482395d2a0339a2670fd
IP
3.228.135.28:443
ASN
#14618 AMAZON-AES

Requested by
https://deviceid.trueleadid.com/iframe.html?token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate
IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&uuid=a4e5711408e5482395d2a0339a2670fd HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:24 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rguserid=cc55f4bc-a46b-442e-88af-2bd8edd63dde; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 14:21:24 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

api.trustedform.com/certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/snapshot

52.4.12.52

204 No Content

0 B

URL POST HTTP/2
api.trustedform.com/certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/snapshot
IP
52.4.12.52:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/d0eaae4d6a3fe5d40c47ed1a0c9eb1ce7978d24f/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7511
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 27 May 2023 14:21:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=5&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683475

3.228.135.28

200 OK

0 B

URL POST HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683475
IP
3.228.135.28:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /2.11.9/InitFormData?msn=5&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683475 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1063
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:25 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 14:21:25 GMT; Max-Age=2592000; path=/
rguserid=a3d14e65-7907-4b7d-a8da-3526efdb0963; expires=Mon, 26-Jun-2023 14:21:25 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 14:21:25 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 14:21:25 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/Snap?msn=7&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683477

3.228.135.28

200 OK

0 B

URL POST HTTP/2
create.leadid.com/2.11.9/Snap?msn=7&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683477
IP
3.228.135.28:443
ASN
#14618 AMAZON-AES

Requested by
https://primerewardz.com/go/to/72d25f/key/a32bbdd823abc5314d5af55e8d312063/aid/10899/s1/676047/pop/no
Certificate
IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /2.11.9/Snap?msn=7&pid=2c013b22-d3bd-4316-876b-1e9cc775b573&token=E6F65195-42C6-5FE5-74E9-962CC4353D0E&_=958683477 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 40680
Origin: https://primerewardz.com
DNT: 1
Connection: keep-alive
Referer: https://primerewardz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 14:21:26 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 14:21:26 GMT; Max-Age=2592000; path=/
rguserid=fd7b57da-673e-4bfa-8724-c0d646d6a028; expires=Mon, 26-Jun-2023 14:21:26 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 14:21:26 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 14:21:26 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL