Report - rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no

Report Overview

Submitted URL
rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
IP
54.144.195.192
ASN
#14618 AMAZON-AES
Submitted
2023-03-20 13:57:19
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	3.8 kB	7.7 kB	216.58.211.3
api.trustedform.com	23021	2012-10-29T06:30:13Z	2023-03-26T10:09:26Z	1.4 kB	1.5 kB	52.54.141.164
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-26T06:32:39Z	612 B	595 B	64.233.165.155
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-26T05:09:44Z	404 B	7.2 kB	104.17.24.14
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-25T22:19:37Z	970 B	33 kB	216.58.207.227
d2m2wsoho8qq12.cloudfront.net	unknown	2013-05-25T05:15:49Z	2023-03-25T05:16:50Z	666 B	2.0 kB	54.230.245.142
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-26T06:17:09Z	395 B	31 kB	142.250.74.170
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	52.36.191.5
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T06:22:54Z	408 B	32 kB	142.250.74.74
rewardusacenter.com	unknown	2018-10-03T12:58:58Z	2023-03-25T13:59:05Z	6.0 kB	1.4 MB	54.144.195.192
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2.7 kB	7.1 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-26T05:09:33Z	1.8 kB	5.0 kB	54.230.80.227
ads.pro-market.net	47212	2012-05-22T09:59:48Z	2023-03-25T05:16:44Z	384 B	1.4 kB	95.101.10.74
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	2.7 kB	52 kB	34.120.237.76
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-26T06:13:06Z	1.2 kB	21 kB	142.250.74.174
pbid.pro-market.net	6233	2012-10-30T06:59:16Z	2023-03-26T10:09:26Z	575 B	659 B	107.178.240.89
create.lidstatic.com	24133	2015-09-23T21:42:02Z	2023-03-25T05:16:48Z	426 B	564 B	104.22.39.182
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-26T05:11:06Z	342 B	1.0 kB	172.64.155.188
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-26T05:35:47Z	826 B	30 kB	104.18.11.207
create.leadid.com	14598	2014-01-22T14:55:11Z	2023-03-25T08:38:40Z	3.5 kB	11 kB	34.192.171.130
cdn.trustedform.com	24659	2020-08-27T01:38:48Z	2023-03-26T11:01:19Z	872 B	39 kB	54.230.111.91
deviceid.trueleadid.com	2097	2018-07-10T07:19:41Z	2023-03-25T05:16:50Z	670 B	332 B	3.232.158.127

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-20	medium	rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no	Phishing
2023-03-20	medium	rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no	Phishing
2023-03-20	medium	rewardusacenter.com/assets/js/jquery.email-autocomplete.min.js	Phishing
2023-03-20	medium	rewardusacenter.com/assets/js/plugins/email.verify.1.1.js	Phishing
2023-03-20	medium	rewardusacenter.com/assets/js/pop_window.js	Phishing
2023-03-20	medium	rewardusacenter.com/assets/img/guarantee_badge.svg	Phishing
2023-03-20	medium	rewardusacenter.com/assets/js/templ_standard_js.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no	658 B	2023-03-07	2023-03-26
Pretty URL rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:31 Last Seen2023-03-26 12:01:58 Times Seen5 Hash 621a62794343df3ea8e6b57f0887d4dd e46336316ed2fabba39c082b00031df43a2bed35 ea848796ac124646f629659bee1c96852358c46f92540ea4f1b9e19b390e3d59 Loading...

	rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no	355 B	2023-03-07	2024-01-19
Pretty URL rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen582 Hash 75e4cb955a63d07fced3932d9d8f6fe0 d73015dc9bf416fd308c9f40d350945f0cfc1720 8d1c6afe9fcc4a69fd903b60adf921b932fa4baead70e2c5984550770588841a Loading...

	create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=C487C63A-F172-5339-1F03-A68CF63C685D&uuid=48a725f42b99488abff9881956de19c3	0 B	2023-03-07	2024-04-26
Pretty URL create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=C487C63A-F172-5339-1F03-A68CF63C685D&uuid=48a725f42b99488abff9881956de19c3 IP 34.192.171.130 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 04:38:46 Times Seen37083231 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	rewardusacenter.com/assets/js/plugins/email.verify.1.1.js	5.3 kB	2023-03-07	2023-12-29
Pretty URL rewardusacenter.com/assets/js/plugins/email.verify.1.1.js IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2023-12-29 04:35:32 Times Seen485 Hash 172c7088f34c1c375ae260a028a9f0cf 150684d6ffcd2e12727954790e17685b3410ff95 d3c8d6a7d5f212160de2ead76c91e553cd29e8f2271536586ccb41d401fab4ad Loading...

	rewardusacenter.com/assets/js/jquery.email-autocomplete.min.js	3.2 kB	2023-03-07	2023-12-29
Pretty URL rewardusacenter.com/assets/js/jquery.email-autocomplete.min.js IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2023-12-29 04:35:32 Times Seen646 Hash e52c1b9d782a5f900404c7d6b19913b3 92a6f34824da998a181a36ede877ffb611a194aa 369f3c1ba5e42e3b55ca10f6cf763f5e6811af0f44e0b61b84852aa19081de3e Loading...

	rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no	67 B	2023-03-07	2023-12-29
Pretty URL rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:31 Last Seen2023-12-29 03:52:39 Times Seen132 Hash 2ddc81524cc1a70118e892a101b354af 2c1baf1b96a222a1e1700c9aea4be96b9c085033 c650318ffcb81ec462747810af812f188a9d41a19b2cdb641677a025298cd548 Loading...

	rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no	93 B	2023-03-07	2023-04-06
Pretty URL rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:31 Last Seen2023-04-06 07:55:32 Times Seen16 Hash 36a5e8a7594d072602186d7044e2dd05 a5084461fc385f8341383d2da56f216df4d0c898 d5c7d28ba0b440c588d7512fad4f981d7104e8948da29de54597de283d5dec48 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js	19 kB	2023-03-07	2024-04-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:14 Last Seen2024-04-24 17:00:54 Times Seen1725 Hash aad2475f1e2615224fa9716b53954be2 4f08d328c845410583e0a05c8d5a5bc61c23db47 8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce Loading...

	rewardusacenter.com/assets/js/pop_window.js	4.2 kB	2023-03-07	2023-12-29
Pretty URL rewardusacenter.com/assets/js/pop_window.js IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2023-12-29 04:35:32 Times Seen473 Hash 5ab611ffa62c4d2208e8b06c984337ec 7b1f19e115be9f0b90d7791ce2ca85e5ee536b82 c878606d2efe52e77a736f5bca231a2a62281697138d10416088282fd8a090ee Loading...

	rewardusacenter.com/assets/js/templ_standard_js.min.js	2.4 kB	2023-03-07	2023-12-29
Pretty URL rewardusacenter.com/assets/js/templ_standard_js.min.js IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2023-12-29 04:35:32 Times Seen473 Hash 36eb8ad9bbfc0fb3de0c0724e98056e4 0d26daccbee4cd7fbc3b0d1c154c9d30d3449e45 aa7506c4bb3cd1be57d7e487d908bc0a299beef8ee09950189dcd39d691566d9 Loading...

	ads.pro-market.net/ads/scripts/site-141028.js	2.2 kB	2023-03-07	2023-05-05
Pretty URL ads.pro-market.net/ads/scripts/site-141028.js IP 95.101.10.74 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-05-05 20:04:46 Times Seen629 Hash 365b5ee3c0302c78c16f7de2f16f2e9c 8c2e46af5cfe004d044f84067ce8e41a20bfa806 07f9667f25cfdb29c4bd56f3fc9d9f2fdc095ef87f0563b4f0bfc0dc66530b9a Loading...

	rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no	592 B	2023-03-07	2024-01-19
Pretty URL rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen746 Hash b7819f20ec3d377b9fb124f8f0e8ceb4 bc1c20068326ed8b2630a25df9f6f4b2dc281638 a4124d51bb27da6fe4eb67bb019de6d0999d38cfe588b59f38ceaebe7c409488 Loading...

	rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no	397 B	2023-03-07	2024-01-19
Pretty URL rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no IP 54.144.195.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen579 Hash d54e487a455caded5dec88dad6038538 7aac4b5089e75a37a0281aee2080ae3081b4b387 5c263fa7f8418b34917b5ae5689fbd313530820aeaac85e768084e745c2ea239 Loading...

	create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2	126 kB	2023-03-07	2024-01-16
Pretty URL create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 IP 104.22.39.182 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-16 16:52:02 Times Seen739 Hash 97495a102c98049f30e62264b1eb50f5 2826aca635888817ca3869a59dda0f1c53e32788 e3d44f6e098f5d3c6b47bb00453dbb1d58b7848332ffc70fc756009b189ba322 Loading...

	cdn.trustedform.com/trustedform-1.8.38.js	104 kB	2023-03-14	2023-05-12
Pretty URL cdn.trustedform.com/trustedform-1.8.38.js IP 54.230.111.91 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:56 Times Seen1009 Hash a71c6d4fa015e7b61cc1fc54ff9b242e a4564cb80c9d7b516360f361cbddbe66b7abb8aa d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 04:23:39 Times Seen62581 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false	7.5 kB	2023-03-14	2023-05-12
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false IP 52.54.141.164 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:55 Times Seen658 Hash 1b4d8abad5e0668a237e388577c6a93c cb8199d9e56f094c63ba8b451239035205422f0f 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	3.4 kB	2023-03-07	2023-04-05
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 54.230.245.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen430 Hash dd90e68a27b15b3378f44fa576f7cde5 64a9f1d55a2ff24678318bd48fde93fcec154397 5127171a2622e36e3899b78eaea4e123fffbc640879520918c6a3b79b0548037 Loading...

	deviceid.trueleadid.com/iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	4.1 kB	2023-03-07	2023-04-05
Pretty URL deviceid.trueleadid.com/iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 3.232.158.127 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen431 Hash 1d08eacf8810260f7f983057db5300af a6fa3b482a165ab84c34b418bee093c439f74034 61ea1ea5a132046ca584940a34a1eae6c007dc56062d2a76cf0dea486a52048b Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-24
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:27 Last Seen2024-04-24 17:00:55 Times Seen2705 Hash 46b549bdc90920f18a911f186b9dd75c 3c639c4af5c036a6ee364215bd12c0b12937827d 1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-25 20:36:21 Times Seen2541 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

HTTP Transactions (72)

URL IP Response Size

rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no

54.144.195.192

301 Moved Permanently

134 B

URL HTTP/1.1
rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Mon, 20 Mar 2023 13:57:07 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://rewardusacenter.com:443/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3950
Expires: Mon, 20 Mar 2023 15:02:58 GMT
Date: Mon, 20 Mar 2023 13:57:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Mon, 20 Mar 2023 14:51:22 GMT
Date: Mon, 20 Mar 2023 13:57:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 13:27:17 GMT
content-type: application/json
age: 1791
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5285a032a285729d3e4a546310ed052d
d370c14bbc2d168cc3703bcb6b94ea0ece26e69d
a811aac1eb89de0666a7de8d3eda1dc3affa7ce5353219211a1beee1211536b5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A811AAC1EB89DE0666A7DE8D3EDA1DC3AFFA7CE5353219211A1BEEE1211536B5"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14017
Expires: Mon, 20 Mar 2023 17:50:45 GMT
Date: Mon, 20 Mar 2023 13:57:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: K1keFba7lEyp9D6jhA07eXt/3YhGs4Klfs74nG+LWtjHkND37diuoEG7wDROkTy+K7iY46iscgc=
x-amz-request-id: 2FDS030BQT28BSBD
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 13:52:47 GMT
age: 261
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1de9b6bbe5b9033618540ec0304078e0
61eea78c7d41a39ced0027427dec2a50e48e9b99
9623181b7f54a75702b92079928f661f79508b1df388584d689e5fb166bed37b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147789
Date: Mon, 20 Mar 2023 13:57:08 GMT
Etag: "6417fae8-1d7"
Expires: Wed, 22 Mar 2023 07:00:17 GMT
Last-Modified: Mon, 20 Mar 2023 06:19:20 GMT
Server: ECAcc (nya/1C20)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lO5RXyCaQACS8D8cymA6U0FU_NMH4NZKQW_cO1dtykqOS6kZtOYybQ==
Age: 2457

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 13:17:21 GMT
age: 2387
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no

54.144.195.192

200 OK

4.9 kB

URL HTTP/2
rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1133)
Size
4.9 kB (4929 bytes)
Hash
766baf898b21f10a8b660bf91bfc3c43
27d5fd104a93a1fc7f16641fa2688b629bd2d499
1ae5d3e08059f24e7cf425aae368bc7c18e469e66f0e99d6c1383daa41920e0d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: text/html; charset=UTF-8
content-length: 4929
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ads.pro-market.net/ads/scripts/site-141028.js

95.101.10.74

200 OK

1.1 kB

URL HTTP/1.1
ads.pro-market.net/ads/scripts/site-141028.js
IP
95.101.10.74:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (514), with CRLF line terminators
Size
1.1 kB (1101 bytes)
Hash
540b7c85a21cf48ee81735b2ffcc335f
e5eaedc157c73717aab322629e3f1ad8569bc0a1
aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9

HTTP Headers

GET /ads/scripts/site-141028.js HTTP/1.1
Host: ads.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT
Server: nginx/1.0.15
Content-Encoding: gzip
Content-Length: 1101
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Date: Mon, 20 Mar 2023 13:57:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19063)
Size
6.2 kB (6174 bytes)
Hash
c679fc5b9888418ef9f3e7926440af62
8139d70efdd87422f5178a5e94dc118835359d7b
1a86b9e51ba3f00d80d15a4ccb3994a57a19d14a1d5f82f8bcd2cd3f24182560

HTTP Headers

GET /ajax/libs/popper.js/1.12.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 6174
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4b24"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5217035
expires: Sat, 09 Mar 2024 13:57:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXJaYvqoHrqzHtMesNyRlsEsksO9Q9mTUd2UMCML987n10YWUFtlM6h2FE2TgwVIcDX7FN40AKFi%2FWdo0xuayp2RCn2SrsuRSivIdFf9yLkbd%2FESCX1xMOs42m6M5HJAgwJPFotl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7aae76699d970b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3462d41d9283fedf24f278089d5d1570
b8bcea77656f775cdc34620322cc616216ed2b95
55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4928
Expires: Mon, 20 Mar 2023 15:19:16 GMT
Date: Mon, 20 Mar 2023 13:57:08 GMT
Connection: keep-alive

rewardusacenter.com/assets/css/loading_icon_1.css

54.144.195.192

200 OK

580 B

URL HTTP/2
rewardusacenter.com/assets/css/loading_icon_1.css
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
580 B (580 bytes)
Hash
b6b8913a6a3ad6881037667493551ec5
3daae516738f878875bb15766ca06a2ed9ee442b
cc46b8ab8bf6a609d0c9336a46ef8b217c15fb2ecdef548c5c4d6ce6ebdb52cf

HTTP Headers

GET /assets/css/loading_icon_1.css HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

rewardusacenter.com/assets/js/jquery.email-autocomplete.min.js

54.144.195.192

200 OK

1.3 kB

URL HTTP/2
rewardusacenter.com/assets/js/jquery.email-autocomplete.min.js
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (2986)
Size
1.3 kB (1279 bytes)
Hash
798676a5ff3d21a8bc176f70d2c5bd76
d24542ec54da8193b27a88270eee8786ded40cd6
3749352310004b2e3e2a12e34c80e0a3a4cfefb2bf54a075396376e2708eb92d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.email-autocomplete.min.js HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: application/javascript
content-length: 1279
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:10 GMT
etag: "c5e-5c80ac301ea00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

rewardusacenter.com/assets/js/plugins/email.verify.1.1.js

54.144.195.192

200 OK

1.5 kB

URL HTTP/2
rewardusacenter.com/assets/js/plugins/email.verify.1.1.js
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
assembler source, ASCII text, with very long lines (947)
Size
1.5 kB (1470 bytes)
Hash
3b6641f0dcf9827d3493d9deec174f45
5b3661d8b11e1ad71cc50d37c7906a75813640f8
a4260beb78cfaa7bd9b02e04bad1779b74aae3f4e1b7b40cdb304d8056245164

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/plugins/email.verify.1.1.js HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: application/javascript
content-length: 1470
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:14 GMT
etag: "14c2-5c80ac33e27e0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

rewardusacenter.com/assets/js/pop_window.js

54.144.195.192

200 OK

752 B

URL HTTP/2
rewardusacenter.com/assets/js/pop_window.js
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
752 B (752 bytes)
Hash
cc82d44651dcf889c4e1f023547fd369
a088f669982d55599b374bb8e6d16e421e058b85
d379aee72fde87b2492c62e193e2f7744106b6ffb45dff0ef1b2c6f71db8f43e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/pop_window.js HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: application/javascript
content-length: 752
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:14 GMT
etag: "1085-5c80ac33e7600-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

142.250.74.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32058)
Size
30 kB (30306 bytes)
Hash
fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 16:33:16 GMT
expires: Thu, 14 Mar 2024 16:33:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 422632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rewardusacenter.com/assets/img/guarantee_badge.svg

54.144.195.192

200 OK

7.1 kB

URL HTTP/2
rewardusacenter.com/assets/img/guarantee_badge.svg
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (7104), with no line terminators
Size
7.1 kB (7104 bytes)
Hash
19028bac308549aeb0e41a418646e2df
43209bcef38e912327857ef68ee8796d78c52ca0
977ed311f2c3818040fb8d87f3d93f94088749446b0e2d03b54fd73506e9ab7e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/guarantee_badge.svg HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: image/svg+xml
content-length: 7104
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 06 Nov 2017 17:45:19 GMT
etag: "1bc0-55d54049409c0"
accept-ranges: bytes
X-Firefox-Spdy: h2

rewardusacenter.com/assets/js/templ_standard_js.min.js

54.144.195.192

200 OK

981 B

URL HTTP/2
rewardusacenter.com/assets/js/templ_standard_js.min.js
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (937)
Size
981 B (981 bytes)
Hash
589a59a46c420bfc8d8321e483d7c6ff
026c4794525ef59b3c0093d894554a8de8b40dd9
1ffd2d86a03350e50ba7d890df8f17d0c92c936c4674a2abde84b902cc5c74aa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/templ_standard_js.min.js HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: application/javascript
content-length: 981
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 11 Nov 2021 17:25:09 GMT
etag: "987-5d0869fd7fe28-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.36.191.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.36.191.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: i8PpqZaq01nkx5JTkxAp+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q3NndBnAzMQ4xUx1OsncS0yRDKI=

fonts.googleapis.com/css?family=Playball|Roboto:400,700

142.250.74.74

200 OK

31 kB

URL HTTP/2
fonts.googleapis.com/css?family=Playball|Roboto:400,700
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
31 kB (31005 bytes)
Hash
7d08c5dd4baca516db91885d45140e91
869a72f0204550f556d1678c7ca2d8796215c901
9b573481e12b8759fc1eb0692664946f18c0370fb8bd353562d1bc77b6156646

HTTP Headers

GET /css?family=Playball|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Mar 2023 13:57:08 GMT
date: Mon, 20 Mar 2023 13:57:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Mar 2023 13:09:06 GMT
expires: Wed, 13 Mar 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 521283
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 13:15:37 GMT
expires: Thu, 14 Mar 2024 13:15:37 GMT
cache-control: public, max-age=31536000
age: 434492
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ed297f9bce4b93eb353348fd9005c0d6
c35cc2c297a5952cb6a7e5e1e4641ecc167a0510
569c22c3aca3503ff3b3c9a97c9b1023238cfd01bb18d075d3a6eb06b2e80aab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 13:57:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 18 Mar 2023 22:10:20 GMT
Expires: Sat, 25 Mar 2023 22:10:19 GMT
Etag: "c35cc2c297a5952cb6a7e5e1e4641ecc167a0510"
Cache-Control: max-age=604111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 309
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aae766c3b050b06-OSL

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
35a59af58e988fe3b4056ff69de5869e
d333ac487ca7bacb72b80256f6b828533bb6623a
5d1e119b389286444a5c7f042628e3fe5fc1652ac237be60d47d6d46ffb34978

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152974
Date: Mon, 20 Mar 2023 13:57:09 GMT
Etag: "6418076d-1d7"
Expires: Wed, 22 Mar 2023 08:26:43 GMT
Last-Modified: Mon, 20 Mar 2023 07:12:45 GMT
Server: ECAcc (dcb/7F33)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kw2lnvopqg7FwTPkmcOV6sbxT6LcDMVHe3ZQ2OV1A8ZOr60hmI2nrg==
Age: 4438

api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false

52.54.141.164

301 Moved Permanently

134 B

URL HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false
IP
52.54.141.164:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Mon, 20 Mar 2023 13:57:09 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
578f019641747e6ed56988ab476ba2d0
3355ea1575c835c5632c6f536ab857da501c6dba
80f0926c2b9c385fb48883294ba62b3b47f07e1af02777291eeb56688979ade5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94363
Date: Mon, 20 Mar 2023 13:57:09 GMT
Etag: "64172c3a-1d7"
Expires: Tue, 21 Mar 2023 16:09:52 GMT
Last-Modified: Sun, 19 Mar 2023 15:37:30 GMT
Server: ECAcc (nya/797E)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: x06A14I8JHjc70b-O_4yBPwErmw1Eb50jQHFv9lxROeXnoUKRkN3xA==
Age: 1942

rewardusacenter.com/assets/img/campaign/1200_bg.jpg

54.144.195.192

200 OK

651 kB

URL HTTP/2
rewardusacenter.com/assets/img/campaign/1200_bg.jpg
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3840x2305, components 3\012- data
Size
651 kB (651297 bytes)
Hash
c1679eec674158c15e0ccb8c569dd206
7b3f9217b1d43fc7673c287b3267ebfe48071f4a
7fe2fae5ff0fc8e53499d44a560bafb86931c14aae49f1c01ff152a16e22d2e6

HTTP Headers

GET /assets/img/campaign/1200_bg.jpg HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:09 GMT
content-type: image/jpeg
content-length: 651297
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:32:39 GMT
etag: "9f021-5d7afd9f0fc38"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2e768091224fbbed88b23a73c895cbc1
2491527d2be4d23d1644de65c936f76446dd6177
bb63ace0f44be72f799650f627f9d97b6e20893835fecd14389d68a403556c6e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 20 Mar 2023 13:57:09 GMT
Last-Modified: Mon, 20 Mar 2023 12:49:11 GMT
Server: ECAcc (bsa/EA9A)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MB0Gt7rq9nTQa-iospl3u4u-ui_L7__F7pj-XFIcvtJ1mN2rZowiiw==
Age: 4078

d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

54.230.245.142

200 OK

1.4 kB

URL HTTP/1.1
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
54.230.245.142:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.4 kB (1449 bytes)
Hash
ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1

HTTP Headers

GET /iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 14 Feb 2023 20:01:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sun, 19 Mar 2023 23:26:14 GMT
ETag: W/"63ebe88f-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8QWrxGzNW72WD2U8XFF1TeAZl5NTvveYrW7zgWNz0TG6BJGHhEVy_w==
Age: 52429

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12847
Expires: Mon, 20 Mar 2023 17:31:17 GMT
Date: Mon, 20 Mar 2023 13:57:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12847
Expires: Mon, 20 Mar 2023 17:31:17 GMT
Date: Mon, 20 Mar 2023 13:57:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12847
Expires: Mon, 20 Mar 2023 17:31:17 GMT
Date: Mon, 20 Mar 2023 13:57:10 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12184
Expires: Mon, 20 Mar 2023 17:20:14 GMT
Date: Mon, 20 Mar 2023 13:57:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7695 bytes)
Hash
302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 388_JExXl_vwNTUh_69QfjoGz-cNeQwwrp6kpAP1Hhv3VvtgeeXbrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:55:31 GMT
age: 57699
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12424 bytes)
Hash
e1533684819dcbf9e77684c19eb86465
489f8f036efd23ce36085af127af7d6c794fe00b
9154a471013bd0972fad93ea4eeaf4b23f66dd1534e0d9cc302263aca0f94bd1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12424
x-amzn-requestid: 64a89fbe-4ac0-4059-a481-37c30ae36928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eOuEG2oAMF1Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd91-0492160f3e8196a23fc53eda;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tx--67yg-v6sA1zslsl2iUXzLbdnWhU-cMqTDpxldZg-qog8-urKcA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 08:59:45 GMT
age: 17845
etag: "489f8f036efd23ce36085af127af7d6c794fe00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css

104.18.11.207

200 OK

28 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65318)
Size
28 kB (27928 bytes)
Hash
cc4ed35b560094963b0596c85353376c
2495fbf37e23d6619e81e9a7dc5e06d0c3a5ede6
8ab91429bb5ad393362c8f92657a409bffd562641389feb1b3bf7f22e19c4f1c

HTTP Headers

GET /bootstrap/4.0.0-beta.2/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:03 GMT
cdn-cachedat: 11/02/2021 02:15:40
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 5014485a46d581605d0e095f8e21f934
cdn-cache: HIT
cf-cache-status: HIT
age: 24761421
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aae7669991b0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8195 bytes)
Hash
2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:14:44 GMT
age: 56546
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/GenerateToken?msn=1&pid=e419bb20-1831-4df2-ade4-fad7f448797a&_=449699905

34.192.171.130

200 OK

6.0 kB

URL HTTP/2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=e419bb20-1831-4df2-ade4-fad7f448797a&_=449699905
IP
34.192.171.130:0
ASN
#14618 AMAZON-AES

File type
data
Size
6.0 kB (6015 bytes)
Hash
5316638ae2e8092ef95c275a82ab6259
258eb537422f61089b01089eff682e3381cad1c6
a34cc267bb09ab21d2cb1b920ecdf6e9ad8e4220b8839aaa61fc563c092ca9cb

HTTP Headers

POST /2.11.9/GenerateToken?msn=1&pid=e419bb20-1831-4df2-ade4-fad7f448797a&_=449699905 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 267
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:10 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rguserid=de2777c9-3879-4d7d-a2ff-f164ec0045b2; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10338 bytes)
Hash
78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xfkObFQbeYQQjIJ4FWQ7xKbH5FPxBQ1vkTDCwWCM6IcAAu8H31BNhQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:04:48 GMT
age: 24742
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rewardusacenter.com/assets/img/campaign/1200_welcome.png

54.144.195.192

200 OK

709 kB

URL HTTP/2
rewardusacenter.com/assets/img/campaign/1200_welcome.png
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 1517 x 1183, 8-bit/color RGBA, non-interlaced\012- data
Size
709 kB (708688 bytes)
Hash
b74ab05c4fd0c1aa56fac019a132ba46
1b5c4b2d6219f56070e34bb984bd70dee73fb76f
25a4080d24a34c9f3cec714c55e06fb77742658289c9fa78599f621176a79742

HTTP Headers

GET /assets/img/campaign/1200_welcome.png HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:09 GMT
content-type: image/png
content-length: 708688
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:32:41 GMT
etag: "ad050-5d7afda0d3e98"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 20 Mar 2023 13:53:25 GMT
expires: Mon, 20 Mar 2023 15:53:25 GMT
cache-control: public, max-age=7200
age: 225
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rewardusacenter.com/favicon.ico

54.144.195.192

200 OK

5.4 kB

URL HTTP/2
rewardusacenter.com/favicon.ico
IP
54.144.195.192:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/go/to/72d25f/key/0d8c4636a9a7e42f11010db6462e28ee/aid/16944/s1/4271224/pop/no
Cookie: ci_session=36a337dlfr6eu871p8t9e5ck00sfdpag; leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=C487C63A-F172-5339-1F03-A68CF63C685D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:10 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j99&a=1828036515&t=pageview&_s=1&dl=https%3A%2F%2Frewardusacenter.com%2Fgo%2Fto%2F72d25f%2Fkey%2F0d8c4636a9a7e42f11010db6462e28ee%2Faid%2F16944%2Fs1%2F4271224%2Fpop%2Fno&ul=en-us&de=UTF-8&dt=Visa%20Gift%20Card&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=997048097&gjid=608018650&cid=1366854409.1679320631&tid=UA-39232759-1&_gid=712833055.1679320631&_r=1&_slc=1&z=1049547131

142.250.74.174

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1828036515&t=pageview&_s=1&dl=https%3A%2F%2Frewardusacenter.com%2Fgo%2Fto%2F72d25f%2Fkey%2F0d8c4636a9a7e42f11010db6462e28ee%2Faid%2F16944%2Fs1%2F4271224%2Fpop%2Fno&ul=en-us&de=UTF-8&dt=Visa%20Gift%20Card&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=997048097&gjid=608018650&cid=1366854409.1679320631&tid=UA-39232759-1&_gid=712833055.1679320631&_r=1&_slc=1&z=1049547131
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j99&a=1828036515&t=pageview&_s=1&dl=https%3A%2F%2Frewardusacenter.com%2Fgo%2Fto%2F72d25f%2Fkey%2F0d8c4636a9a7e42f11010db6462e28ee%2Faid%2F16944%2Fs1%2F4271224%2Fpop%2Fno&ul=en-us&de=UTF-8&dt=Visa%20Gift%20Card&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=997048097&gjid=608018650&cid=1366854409.1679320631&tid=UA-39232759-1&_gid=712833055.1679320631&_r=1&_slc=1&z=1049547131 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://rewardusacenter.com
date: Mon, 20 Mar 2023 13:57:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
db7e8ec26e256ce82b87b425e11e4e1f
e0ca54ac030f772c42323f6fad1243c00383397e
716ef6673a685c7358b75c8c971887495e37b4a93aabab832bb8856c5911de13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100375
Date: Mon, 20 Mar 2023 13:57:10 GMT
Etag: "6417376f-1d7"
Expires: Tue, 21 Mar 2023 17:50:05 GMT
Last-Modified: Sun, 19 Mar 2023 16:25:19 GMT
Server: ECAcc (nya/1C6C)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CtukkNbgWzFmFCLBwpbYPjLiqsYVkv97L9irIoIZHqkUjtkPg2A69Q==
Age: 5086

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=1366854409.1679320631&jid=997048097&gjid=608018650&_gid=712833055.1679320631&_u=IEBAAEAAAAAAACAAI~&z=1487229493

64.233.165.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=1366854409.1679320631&jid=997048097&gjid=608018650&_gid=712833055.1679320631&_u=IEBAAEAAAAAAACAAI~&z=1487229493
IP
64.233.165.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=1366854409.1679320631&jid=997048097&gjid=608018650&_gid=712833055.1679320631&_u=IEBAAEAAAAAAACAAI~&z=1487229493 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://rewardusacenter.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 13:57:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 13:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.trustedform.com/certs

52.54.141.164

201 Created

475 B

URL HTTP/2
api.trustedform.com/certs
IP
52.54.141.164:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
02ba5ae94d1894a8430308192d9a50e2
a607cd8726ae356c1849d20f4cb28a7ec9397d12
d1580f547da828e61dff70f5996972f858cfd55297a314dec80deb313a7f6085

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 655
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Mon, 20 Mar 2023 13:57:11 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.38.js

54.230.111.91

200 OK

38 kB

URL HTTP/2
cdn.trustedform.com/trustedform-1.8.38.js
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (37952 bytes)
Hash
c840839357b6e3ca873148e101971abb
71f06777a887e8c65a86f72b3fc59e8a1dbc3cf6
0b9c20129840bafdb61418028977123560fd766d23367dcf211ac48ce4bae1fe

HTTP Headers

GET /trustedform-1.8.38.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Mar 2023 13:57:11 GMT
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9xaEdPCnXrFltSffwsxdoCbQxxkBmpQVSSXYvW2DeISotAfij80gcQ==
age: 8
X-Firefox-Spdy: h2

api.trustedform.com/certs/2007656cbd511168fc009ab292113860310d05a1/fingerprints

52.54.141.164

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/2007656cbd511168fc009ab292113860310d05a1/fingerprints
IP
52.54.141.164:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/2007656cbd511168fc009ab292113860310d05a1/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 262
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Mon, 20 Mar 2023 13:57:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8189 bytes)
Hash
6645ef8b7e2b10326cc1cb7c76f82769
cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced
1076fa495f0b7cc23922f64cc6a6f596de9a6f08ea7549eef785d804db0be7fc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8189
x-amzn-requestid: 3815c61d-6d05-4794-bd9a-d417d1270527
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqgGsdIAMFi6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e42-6af86b2a21b89d38559ca754;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 615Du8dUBpZq6He1j_lB3Jl8nVFhWYBVO6qfBcFwcGIlpjDMMLXQUg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:15:51 GMT
age: 56486
etag: "cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0-beta.2/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:03 GMT
cdn-cachedat: 2021-04-23 06:28:09
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9ac53c2137aaf1cc3a74aff1812514f
cdn-cache: HIT
cf-cache-status: HIT
age: 27430895
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aae766989120b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

deviceid.trueleadid.com/iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

3.232.158.127

200 OK

0 B

URL HTTP/2
deviceid.trueleadid.com/iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
3.232.158.127:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe.html?token=C487C63A-F172-5339-1F03-A68CF63C685D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:10 GMT
content-type: text/html
server: nginx
last-modified: Wed, 08 Mar 2023 19:45:51 GMT
etag: W/"6408e5ef-1049"
expires: Tue, 21 Mar 2023 13:57:10 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=C487C63A-F172-5339-1F03-A68CF63C685D&uuid=48a725f42b99488abff9881956de19c3

34.192.171.130

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=C487C63A-F172-5339-1F03-A68CF63C685D&uuid=48a725f42b99488abff9881956de19c3
IP
34.192.171.130:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=C487C63A-F172-5339-1F03-A68CF63C685D&uuid=48a725f42b99488abff9881956de19c3 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:10 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rguserid=db1c866e-0512-4ab3-bb0c-bff48c4af5b7; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=4&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699908

34.192.171.130

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699908
IP
34.192.171.130:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=4&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699908 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1063
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:11 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 13:57:11 GMT; Max-Age=2592000; path=/
rguserid=80b3d200-d397-4fce-b5d6-660fd575d955; expires=Wed, 19-Apr-2023 13:57:11 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 13:57:11 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 13:57:11 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/Snap?msn=6&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699910

34.192.171.130

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/Snap?msn=6&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699910
IP
34.192.171.130:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/Snap?msn=6&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699910 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 116617
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 13:57:12 GMT; Max-Age=2592000; path=/
rguserid=f8e6d006-ed37-4cfd-9a92-e913338ca178; expires=Wed, 19-Apr-2023 13:57:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 13:57:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 13:57:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

pbid.pro-market.net/engine?site=141028;size=1x1;e=0;dt=0;category=smn28dd0j4dnumi;kw=wqj2%20g1n2%20basl;rnd=(1679320629591)

107.178.240.89

200 OK

0 B

URL HTTP/2
pbid.pro-market.net/engine?site=141028;size=1x1;e=0;dt=0;category=smn28dd0j4dnumi;kw=wqj2%20g1n2%20basl;rnd=(1679320629591)
IP
107.178.240.89:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /engine?site=141028;size=1x1;e=0;dt=0;category=smn28dd0j4dnumi;kw=wqj2%20g1n2%20basl;rnd=(1679320629591) HTTP/1.1
Host: pbid.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-4.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+4=21x+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s0=(26)+s2=(rrto39)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: text/html
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 20 Mar 2023 13:57:08 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/Snap?msn=7&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699911

34.192.171.130

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/Snap?msn=7&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699911
IP
34.192.171.130:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/Snap?msn=7&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699911 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 32188
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 13:57:12 GMT; Max-Age=2592000; path=/
rguserid=d29811ec-9433-4196-a66c-d963d6e1c377; expires=Wed, 19-Apr-2023 13:57:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 13:57:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 13:57:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2

104.22.39.182

200 OK

0 B

URL HTTP/2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP
104.22.39.182:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:09 GMT
content-type: text/javascript
x-amz-id-2: O16CHRgGP5PihEF6nbQMyzYUo2yjcYHKCJoHpgMRz3egG7UQr8Elj3zIBIXEWymzIsVgADWWYog=
x-amz-request-id: 22Q20MNJ14S59VZ5
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aae766c7df1f13e-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false

54.230.111.91

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16793206295980.8183048323771807&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardusacenter.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 13:57:10 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pjMIlJVrFLxGIoqOEbvaM9mkDE5PZJoy67Wf0zLWoRqSzW43bnISPw==
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=3&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699907

34.192.171.130

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699907
IP
34.192.171.130:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=3&pid=e419bb20-1831-4df2-ade4-fad7f448797a&token=C487C63A-F172-5339-1F03-A68CF63C685D&_=449699907 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1238
Origin: https://rewardusacenter.com
Connection: keep-alive
Referer: https://rewardusacenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 13:57:10 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rguserid=13894f1f-6c54-4daf-978a-c42db4c0960c; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 13:57:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML