{"report_id":"bb1ede0a-d463-418c-b1fc-3af444e25441","version":6,"status":"done","tags":[],"date":"2025-11-27T22:45:39Z","url":{"schema":"http","addr":"track.syndicationcontent.com/?xtl=7akciftk4wxqdqox1lkrk4fie1i5cghntjg1zz4lmzyrdi0updc98ehb63dcqb732tv7gzyjtvfb68mwodfjsmd87dw98fljpoy85jgflbwi4him62ij6lujadadp84cg9v9o92h619mbbp896c5sryg90kg7hugtqrcxuig1tgaii619kk8xhle9e1koanodrwi7jvzgqk1e1qxnik4b7zpg9escwujfrvir2mi5r6kct8crm6ylssjvkn362i34d5w41ey91zsq2d11zcj08wlwkg8eya1apa3iv93iw2dv39lyaqq8m59\u0026eih=kqiu9wm3jj6sa2twouhsr8tq4ix7v25z\u0026__stmp=t6ehjc\u0026__onlt=h\u0026BRIDGE_ID=","fqdn":"track.syndicationcontent.com","domain":"syndicationcontent.com","tld":"com"},"ip":{"addr":"52.54.75.175","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"rewardcenteroffers.com/ETF","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"title":"AT\u0026T Rewards - ETF","dom":{"size":15595,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (506)","md5":"7ae1d59d0fed466f2f8ad96460c66c8a","sha1":"3faf1151a47476d06900aeec70dd6c45248d656c","sha256":"09fcda266689c7a51341c9cedf7a51ba831f33d2194adb2b68c534d7b88bc0fd","sha512":"045654b7493bd839dab06ed9e500c84927cef4fef8425102ea5fb03c95671033475d7db42283ddf5602eff37a1a43f83e3b100cd04ca1fbdfc24d9983cb11380","ssdeep":"384:BZgo4gE8GCZmn8ERI1UY8R88LRYWgdb2S+HiZxKj:go4gE88n8GC69LRYTV+Xj","tlshash":"556207769af060f319835182fa273a46bfb9d497a9169885b0ee875c4fc6c7bc43301d","dom_hash":"domhash678c05e7fa68024e8dd58ff712ee081c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"track.syndicationcontent.com/?xtl=7akciftk4wxqdqox1lkrk4fie1i5cghntjg1zz4lmzyrdi0updc98ehb63dcqb732tv7gzyjtvfb68mwodfjsmd87dw98fljpoy85jgflbwi4him62ij6lujadadp84cg9v9o92h619mbbp896c5sryg90kg7hugtqrcxuig1tgaii619kk8xhle9e1koanodrwi7jvzgqk1e1qxnik4b7zpg9escwujfrvir2mi5r6kct8crm6ylssjvkn362i34d5w41ey91zsq2d11zcj08wlwkg8eya1apa3iv93iw2dv39lyaqq8m59\u0026eih=kqiu9wm3jj6sa2twouhsr8tq4ix7v25z\u0026__stmp=t6ehjc\u0026__onlt=h\u0026BRIDGE_ID=","fqdn":"track.syndicationcontent.com","domain":"syndicationcontent.com","tld":"com"},"ip":{"addr":"52.54.75.175","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-01T22:45:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":3,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-27T22:45:13Z","timestamp":1764283513,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.41","port":41718,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-11-27T22:45:13.605826+0000\",\"flow_id\":411341166002413,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":41718,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"bc64fk.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":585,\"bytes_toclient\":116,\"start\":\"2025-11-27T22:43:32.639213+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-27T22:45:23Z","timestamp":1764283523,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.41","port":41728,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-11-27T22:45:23.725064+0000\",\"flow_id\":1965110009795532,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":41728,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"bc64fk.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":585,\"bytes_toclient\":116,\"start\":\"2025-11-27T22:43:32.988108+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-27T22:45:32Z","timestamp":1764283532,"ip_dst":{"addr":"192.169.69.26","port":80,"asn":27323,"as":"SERVERSTADIUM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.41","port":41782,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain","source":"{\"timestamp\":\"2025-11-27T22:45:32.414108+0000\",\"flow_id\":141041694260014,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":41782,\"dest_ip\":\"192.169.69.26\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2042937,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_12_15\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"bc64fk.duckdns.org\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":465,\"bytes_toclient\":116,\"start\":\"2025-11-27T22:43:33.834350+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"track.syndicationcontent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"events.cctrkl.com","ip":{"addr":"54.80.116.158","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2022-03-03","domain_rank":0,"first_seen":"2022-08-16T17:31:03Z","last_seen":"2025-11-21T19:19:58.997677Z","alert_count":0,"request_count":1,"received_data":15640,"sent_data":585,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"att.com","ip":{"addr":"144.160.36.42","port":443,"asn":797,"as":"AMERITECH-AS","country":"United States","country_code":"US"},"domain_registered":"1986-04-25","domain_rank":1136,"first_seen":"2013-07-12T15:59:05Z","last_seen":"2025-11-25T16:01:57.584983Z","alert_count":0,"request_count":1,"received_data":15370,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"F5 BigIP","description":"F5's BIG-IP is a family of products covering software and hardware designed around application availability, access control, and security solutions.","website":"https://www.f5.com/products/big-ip-services","common_platform_enumeration":"cpe:2.3:a:f5:big-ip:*:*:*:*:*:*:*:*","icon":"F5.png","categories":["Reverse proxies"]}]},{"fqdn":"dc.services.visualstudio.com","ip":{"addr":"20.50.88.233","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"The Netherlands","country_code":"NL"},"domain_registered":"1997-03-18","domain_rank":3729,"first_seen":"2014-02-04T16:25:27Z","last_seen":"2025-11-24T06:48:56.25822Z","alert_count":0,"request_count":2,"received_data":780,"sent_data":1110,"comment":"","tags":null,"fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"rewardcenteroffers.com","ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2022-04-26","domain_rank":718050,"first_seen":"2025-03-25T16:05:32.207071Z","last_seen":"2025-11-25T16:01:57.536843Z","alert_count":0,"request_count":12,"received_data":3030925,"sent_data":6114,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"www.att.com","ip":{"addr":"2.21.203.138","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"domain_registered":"1986-04-25","domain_rank":9505,"first_seen":"2012-05-21T13:25:52Z","last_seen":"2025-11-21T19:19:58.933061Z","alert_count":0,"request_count":1,"received_data":17187,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"az416426.vo.msecnd.net","ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2008-09-29","domain_rank":20178,"first_seen":"2014-02-09T15:03:31Z","last_seen":"2025-11-24T21:55:37.646548Z","alert_count":0,"request_count":1,"received_data":97493,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"track.syndicationcontent.com","ip":{"addr":"3.87.166.109","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2012-11-20","domain_rank":0,"first_seen":"2022-06-13T13:11:11Z","last_seen":"2025-11-21T18:05:01.567493Z","alert_count":1,"request_count":1,"received_data":15865,"sent_data":885,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rewardcenteroffers.com/ETF","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5903be25041b2773e39e6f2d425160c6","sha1":"7d5a3a6f6f4097ed14d88ff7f9c3c19d23e8ddfc","sha256":"fcb14f1b2dab04345eb421ced86e1d4df1456f630030677999fb18245e461f87","sha512":"fdcb088310ab69c9b13890542e4bb71c79753cd6a39f8c796a82fe05da84c2cff04387111105e16cbe7479bc6a99efda6e5575823841e7c2dbb607c7815961c4","ssdeep":"","tlshash":"2421e01638fb352b9803f8a6c76f6c15b7a2178331489c0a794db2385f29c7681f65bc","size":1346,"data":"","first_seen":"2025-09-12T21:08:05.235738Z","last_seen":"2026-02-26T21:40:27.977173Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/bundles/jquery?v=Qw1VMXulYOjH95AyT2qDMej_8oAcRSoyy8wzILdNUvM1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe87d580e12dd0f976ca3d9d15768e95","sha1":"eaefbbc524609558561ad7503d0d5c21eb43c1f3","sha256":"61b3bd103745535c83ee4d3f62d8480825623f789c698e6566b594bfcb44f282","sha512":"e66f9138f7aa834e69299a9b43d9cda457fd9df4861e91bf2f9039ac3fa013eec9a46b462910427d95561dcb151607dd5d5aa8dd4d37a9bceec6dffb9a6ea318","ssdeep":"1536:+7khn1KLiK+6a+gx1Lh+CNsAlxJd97f48WF/xTLw03XR3c8h4DZwC16+:ZX/+CWE/4TLw03Bx4wC1x","tlshash":"f0930bdcb6c2b0634ba770f900bf154bb136195968ad9410f164e8f87c78a4e907bfad","size":91712,"data":"","first_seen":"2025-09-12T21:08:05.199374Z","last_seen":"2026-02-26T21:40:27.970301Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/bundles/jqueryval?v=wBt3g9N2ilv_rRGMjRP2Wmupinu4VcfXCnObzHLC9bs1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb45eb847c1f9e52df8d509f5bb62024","sha1":"5e45cb6fa0eb57cab081a16bab442dacb549236a","sha256":"bea9c910fb0adc090c3db7c326d56fdad5beeac6d35b093f4db30fcc5609b795","sha512":"a0e34396b07517560639b752720752aad81405824ae747a7cd5da9f13d5323cc5ac3601d4e76cf037885fc76a698dc584da9a5e5f5b8e020fb33f80f533cb35f","ssdeep":"768:oNGywNdAAtAlFH05IdjTvzpzfjny+uhkwWAkVJ9AcJKHsVH/t8S7:0GywNdF2lFH05IdjTvdLny+6WAUQHsVN","tlshash":"1bf2d98c76c2b0574fe730f8508b510ba1765a64605db028b6e8e4e2adf8ecd5077fb9","size":34497,"data":"","first_seen":"2025-09-12T21:08:05.212633Z","last_seen":"2026-02-26T21:40:27.965875Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/ETF","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c0a593fbfc5c3fa9facd98b600edbb27","sha1":"461885fb31896ca6e98636d568ada3502823d152","sha256":"4cb0a38542c891a135971c682db66dbd300cfd343c6828df0d416639212bee68","sha512":"43e8cf37cb2f1d8d3a84c4e93bc6070dc9f1376dbd9f094ed62e5689eceabc37456dc61082ad36d91f05e1f547a291a80882ba7400fa0c4b942ac3ae9096c057","ssdeep":"","tlshash":"03b00102fe820fd4e137054b063a80c02b0c490b2150a882f10c2ea01f01060f963086","size":90,"data":"","first_seen":"2025-09-12T21:08:05.238289Z","last_seen":"2026-02-26T21:40:27.977653Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/bundles/bootstrap?v=M4Nk6kIOwMFflsEKET0iPL9i5YBqbzMzvUOrd8gyCnw1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eea0627622cce270130cc24c0f738cc2","sha1":"6a61c82ce4e69f08fe7a27ea5dd6e91dac331a77","sha256":"a71fd6207f6416a9147eab09c1cafe22c8104507dd6391248ea2921bf7d8d78b","sha512":"fecc843f98526c92ffb3482d6fa36ed25532800642061f1e599c30aed15e7636fd65e714013947d11ece1929112c282f8b9b56b60480f47a4afe75fbf2ac3170","ssdeep":"768:plrmwl6Ml+UGN8KRU1hOT23avtwbRtfi61Omv463bv:BnAM3EqitL63bv","tlshash":"5b03820ab23035a10befa1e5505b120d72366f2df947526c78a9daf22db5c08316bf7d","size":39393,"data":"","first_seen":"2023-03-07T01:07:15Z","last_seen":"2026-03-31T20:57:54.643152Z","times_seen":195,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"az416426.vo.msecnd.net/scripts/a/ai.0.js","fqdn":"az416426.vo.msecnd.net","domain":"msecnd.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1dd63de72cf1f702324245441844be13","sha1":"58a8bdcdcb398af7db424357df70df18e7b30e9d","sha256":"5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e","sha512":"532d1e907b433ab97785cf632d9637a957152baf0ba57879c856cbaa469bffeca22c4f99485679539944b27068d39e70f7d44282594f999142454da57329a11b","ssdeep":"1536:EVpXOWPGHRGUvJEzxPNLgyLuG6XV3yV/QtJ+j1YeO4PFWYit:EVoWPGHRGUvJEzxOMQV3yV/ERaNWYit","tlshash":"b993e6dbf540646282837172643f2a0b733a0a6e78dae23cb154d5e528ee45cb32777d","size":96705,"data":"","first_seen":"2023-03-07T01:10:49Z","last_seen":"2026-04-05T12:43:00.28913Z","times_seen":5811,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"efeac4bcc64c045f413f90ceba3f836e","sha1":"f6e4af16612d2c740e0d62440fce784290eab928","sha256":"9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d","sha512":"8d0b20e90eb1de8e68918c9306dee3ce0453cb176d463d1061fbe50fac804ffa0c3682da42a6c53b99cbdc2f3c1809744a64538bd47ccf68865c1774baded878","ssdeep":"192:Ge9ZNR5GciQ3M1l8I3WsIYbXjP4lr8hvK3ozLZUnT:L9ZNRB3M1l82WqXjPYrEyUZUT","tlshash":"7f32d78c70a2710d439be0bf21bf460ef27e595849644504d1aec8bdbdb4c98827bf6d","size":11095,"data":"","first_seen":"2023-03-07T01:07:15Z","last_seen":"2026-04-04T15:28:11.18076Z","times_seen":956,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/ETF","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3ea457ca85ffe4f24bbd04928ab0498e","sha1":"9476cd19bae483dc5a5b3e75d4eb2dd052f34498","sha256":"e460545e570cd7b571de2dfcf80fa432cec079a57dd0739277bb647b5cf19fab","sha512":"97f6da2e2dd539186d21ae2501f82f9ab3301554174ae0e62f1257dd8a8165d432dbff6413526c84b5190443cdc5068a2289c503e6bcb4d1ecade695a17f2027","ssdeep":"","tlshash":"afc04c06faa61e48e177146a473fa1806e0d050b9054f982f90d1df10f00134f91354d","size":188,"data":"","first_seen":"2025-09-12T21:08:05.241134Z","last_seen":"2026-02-26T21:40:27.978421Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"rewardcenteroffers.com/Content/fonts/ATTAleckSans_W_Lt.woff","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:20.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /Content/fonts/ATTAleckSans_W_Lt.woff HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/Content/css?v=Ma_coZsf1251lDdSoaIFmUSUCT0_i-F_j4afk0R13RA1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: font/x-woff\r\nContent-Length: 22564\r\nConnection: keep-alive\r\nLast-Modified: Wed, 19 Nov 2025 02:37:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"07e9274fd58dc1:0\"\r\nServer: \r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22564,"size_decoded":0,"mime_type":"font/x-woff","magic":"Web Open Font Format, TrueType, length 22564, version 1.0","md5":"d3a41c3b37b104492a076bb9b7f8ee2f","sha1":"d44815073830be30af0acf925e440a16123a9782","sha256":"e8d5fae41878b2727ab8fb243bc4bf071238077f621e2bc110bff7ca4ffb962e","sha512":"238c5a75d1297a1b9cb71e3ea4c0b16cdff924f88bf5d5a71d2b57beb80f859cb24b0b9c9645cd7ccee0da0b0dbf039ae77db602506d2ece30fdd78779c4ad28","ssdeep":"384:l5X54F0doZh0+PoFlaBg6gHz/SxTlpyUbt9AySOm5zN3kl1tX:n+nZaQalkgsPyUvAySOwNwl","tlshash":"a0a2e1e08ff4f3d27cad7a37d80bdab877b5c909a19c4f85c6840594aca27d06097a74","first_seen":"2023-05-30T14:47:42Z","last_seen":"2026-02-26T21:40:27.971512Z","times_seen":137,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":97,"dns":0,"connect":0,"send":0,"wait":173,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/Content/fonts/ATTAleckSans_W_Md.woff","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:20.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /Content/fonts/ATTAleckSans_W_Md.woff HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/Content/css?v=Ma_coZsf1251lDdSoaIFmUSUCT0_i-F_j4afk0R13RA1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: font/x-woff\r\nContent-Length: 23916\r\nConnection: keep-alive\r\nLast-Modified: Wed, 19 Nov 2025 02:37:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"07e9274fd58dc1:0\"\r\nServer: \r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23916,"size_decoded":0,"mime_type":"font/x-woff","magic":"Web Open Font Format, TrueType, length 23916, version 1.0","md5":"f01acfaf64ae1d381fc2524fff3283a7","sha1":"ca464721f7261a70f0cc3e0785f367a776a32156","sha256":"d0c4812c9f1b672a7ea3420b10ea389cabb4b50694418965003250c876a2b13b","sha512":"a93adb6edc461eeb1472e40ed8aa65afb51761c92c7d942568b112ac7f871323b7f348f129d7cb8097414d1eff3fd36ce77fd1f3931df1702238028dda65b413","ssdeep":"384:Su/fXGJo4JBbheuESLoM7ByrV+4YS/iN9VNmLvnNmDx/7ZqkfLS2+gtX:3G9AY7UA2iN1mLNS91qkO2Pl","tlshash":"21b2d1525f7c4a2be00c73307068aaa5b96f5a3e26955833d1d49783d8c86d67c173bc","first_seen":"2023-05-22T23:56:49Z","last_seen":"2026-03-27T04:21:14.983787Z","times_seen":1772,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/favicon.ico","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:20.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/ETF\r\nCookie: ai_user=OPOrG|2025-11-27T22:45:20.517Z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 4568\r\nConnection: keep-alive\r\nLast-Modified: Wed, 19 Nov 2025 02:37:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"07e9274fd58dc1:0\"\r\nServer: \r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4568,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f4f967e2ef3b7d03be8b9c5189044090","sha1":"0245a1bf3cd6072ea491417b55fd731c2308e9a5","sha256":"7b639a755b98979157e29ad7c46220b749fd1f08b353ec2dffa308d9a7745b09","sha512":"24d7824da1f04f6f7b9ee849fceaa97b544221a65c6d212d511b77347bf7b6b1c33b87816f0841b3edda329e7543a6def149e96f387efb0f9209804bfd549fac","ssdeep":"96:27SDZ/I09Da01l+gmkyTt6Hk8nTaG5HYcvcESo9M6vgI:oSDS0tKg9E05TaGWcHjZ","tlshash":"d8918d6e9da4d4de558e360008cc6042fbb6223cee0a3abce5c567ce54b0d03bf13568","first_seen":"2025-09-12T21:08:05.230332Z","last_seen":"2026-02-26T21:40:27.974428Z","times_seen":77,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.att.com/switcherpayoff","fqdn":"www.att.com","domain":"att.com","tld":"com"},"ip":{"addr":"2.21.203.138","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T22:45:18.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.att.com","organization":"AT\u0026T Services, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 01 Oct 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C6:DB:11:45:89:25:25:23:AE:1F:57:AA:B6:A9:09:20:F2:97:1B:B3","sha256":"59:47:B4:6D:43:9B:0F:8B:1F:F5:C9:D6:54:84:66:11:CC:71:E9:F8:A3:88:BB:19:D3:0A:F4:AA:CB:49:B6:4B"}}},"request":{"raw":"GET /switcherpayoff HTTP/1.1\r\nHost: www.att.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: AkamaiGHost\r\ncontent-length: 0\r\nlocation: https://rewardcenteroffers.com/ETF\r\ndate: Thu, 27 Nov 2025 22:45:18 GMT\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc=\"1764283518717_34991639_647973606_18_15089_23_30_41\";dur=1\r\nlink: \u003chttps://www.att.com/ui/frameworks/fonts/ATTAleckSans_W_Rg.woff2\u003e;rel=\"preload\";as=\"font\";type=\"font/woff2\";crossorigin,\u003chttps://www.att.com/ui/frameworks/fonts/ATTAleckSans_W_Bd.woff2\u003e;rel=\"preload\";as=\"font\";type=\"font/woff2\";crossorigin\r\naka-global-request-id-uxtime: 0.17ee1502.1764283518.269f4ae6\r\nstrict-transport-security: max-age=15768000 ; preload\r\nset-cookie: AKA_A2=A; expires=Thu, 27-Nov-2025 23:45:18 GMT; path=/; domain=att.com; secure; HttpOnly\n_abck=A03B10BF71547F850F41A93977715952~-1~YAAQF+4VAi9/XaiaAQAAKw9+xw68lrFj4N7lHn+1MHQICD3huu0z3j6RoDFam3DOUcWlAY7FevRGWKmZLuEH7aCW5iZb53BWB2aT29/dCxHyh5W1UEePjx+/EKH1wXhA2bY+xwKlgb38m1lDZvBYf8bg+WRWzfiTnM8HI+4j2LxGf0CDVGUhwdUv2bjPrVo5k3JaRpeJh9jK6DiH6/NkUbrBSxUSqWM8yHtlDr4gcqiZFbgv3p6kiylkbNCojPGxVRg51W40WHld1d0ExMAJZFx5y1slTfr+oLEN7DftsDSNGrCGJ8vqCurTjcXi4vMBSENyJqmLv282mzHKEiLtzbnqaSHHbjogmWtM4HolIeQR0C35ZDEZSoU5LwlzxL+CiXgJQimEwGj7z1ybMDdgdyM2Iw6d4vM+5ELvXRUttq099mhdlaaitDnnxqpaoleqzehyKfZTqtqx2C3BD8VaXAc=~-1~-1~-1~-1~-1; Domain=.att.com; Path=/; Expires=Fri, 27 Nov 2026 22:45:18 GMT; Max-Age=31536000; SameSite=None; Secure\nbm_sz=6E0A7D52C8B3ABC1DA7D12D58A6F4387~YAAQF+4VAjB/XaiaAQAAKw9+xx11QYKe3aGo2mX7mqiAbrWd2X6jUDw4IJvSvNIL1qwle58DSkdTXotneE7U1NeXNabSdcdLZZk0ejEUz9wkdlApkwXTlXnUq10KcrC8BNsnFssxPTPnVL81e4o7qb4qaQxHNKW9Hqv04ooX1SvKqh9FbFyT1ZQmTKzZdPUqj8qkNTo3kt02DYC4K69TM4G0udgOdOuB6PUXBh0g02hSirfumhrB+xnB1HcQjncUpFKhPK7U3MZ325/yy0z7/z92XVfNrgT2dVkNAGrwCAfhqRfPxlQG0Ew5u4XqZ8Aquwh4UYxvtMIh8tICUJ0gJ6rsksQQfEBLWQcfm0d+GXRD7UtTGlC4Y+QHacLG8RdjPKw9T3ues5ZiDg==~4408376~3750201; Domain=.att.com; Path=/; Expires=Fri, 28 Nov 2025 02:45:18 GMT; Max-Age=14400; SameSite=None; Secure\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15232,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T12:47:03.387186Z","times_seen":13375311,"resource_available":true,"data":null}},"time_used":603,"timings":{"blocked":283,"dns":228,"connect":21,"send":0,"wait":37,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/Content/fonts/ATTAleckSans_W_Bd.woff","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:20.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /Content/fonts/ATTAleckSans_W_Bd.woff HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/Content/css?v=Ma_coZsf1251lDdSoaIFmUSUCT0_i-F_j4afk0R13RA1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: font/x-woff\r\nContent-Length: 23052\r\nConnection: keep-alive\r\nLast-Modified: Wed, 19 Nov 2025 02:37:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"07e9274fd58dc1:0\"\r\nServer: \r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23052,"size_decoded":0,"mime_type":"font/x-woff","magic":"Web Open Font Format, TrueType, length 23052, version 1.0","md5":"98fa0438e4d560c3e3f8e6279696d769","sha1":"5ef54b90902a66115cee8d30ba71c21a8e2f3d15","sha256":"f13ffc0adc7e47990e67bcfb8f355a65c29361b12f0f20d5067ac880393685bc","sha512":"f77bbdc7b41b34164b0c986fbc51b635d69c5eb7ae81744f9a3d753bde2056a8f0652e947cc235539fa03b6c1794e066e9117622117aeba01b78fb8fcb016aa9","ssdeep":"384:HFtugbAi0wjhiVeyVkyQUw0uCXGIi0Be+I7WkOo8MG8xDr3+6COEgrRzrk0gtX:HFtutxwaeyVkyQUFO0Y+I7Wru/O6hEQG","tlshash":"3aa2e05098b8d331f14afb39d45b1826eb9e8cea3781af63f95065102acd3d3285d365","first_seen":"2023-05-22T23:56:49Z","last_seen":"2026-04-03T17:33:53.604906Z","times_seen":1806,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"az416426.vo.msecnd.net/scripts/a/ai.0.js","fqdn":"az416426.vo.msecnd.net","domain":"msecnd.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:20.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"az416426.vo.msecnd.net","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Wed, 30 Jul 2025 00:00:00 GMT","end":"Fri, 30 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1F:53:5D:0A:CB:E3:9A:B7:B1:71:41:3A:9B:AB:F0:63:A6:B5:74:34","sha256":"8B:F5:28:2D:ED:4E:E4:64:92:B7:59:76:BF:E5:60:93:EE:8E:1C:0D:37:D4:32:19:60:85:C8:51:98:CE:65:B2"}}},"request":{"raw":"GET /scripts/a/ai.0.js HTTP/1.1\r\nHost: az416426.vo.msecnd.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 22:45:20 GMT\r\ncontent-type: application/x-javascript\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=1800\r\nlast-modified: Thu, 11 Mar 2021 07:46:59 GMT\r\nx-ms-request-id: 4119b3e9-f01e-0075-1bd1-5f4bb6000000\r\nx-ms-version: 2009-09-19\r\nx-ms-meta-lastmodified: 2020-10-01 19:31:04\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-lastmodified,Content-Type,Cache-Control,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20251127T224520Z-er15cd688f5qnbxwhC1SVGg0fn00000003800000000005kc\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":96705,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1dd63de72cf1f702324245441844be13","sha1":"58a8bdcdcb398af7db424357df70df18e7b30e9d","sha256":"5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e","sha512":"532d1e907b433ab97785cf632d9637a957152baf0ba57879c856cbaa469bffeca22c4f99485679539944b27068d39e70f7d44282594f999142454da57329a11b","ssdeep":"1536:EVpXOWPGHRGUvJEzxPNLgyLuG6XV3yV/QtJ+j1YeO4PFWYit:EVoWPGHRGUvJEzxOMQV3yV/ERaNWYit","tlshash":"b993e6dbf540646282837172643f2a0b733a0a6e78dae23cb154d5e528ee45cb32777d","first_seen":"2023-03-07T01:10:49Z","last_seen":"2026-04-05T12:43:00.28913Z","times_seen":5811,"resource_available":true,"data":null}},"time_used":378,"timings":{"blocked":181,"dns":147,"connect":8,"send":0,"wait":16,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/Content/Images/etf-header.png","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:20.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /Content/Images/etf-header.png HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/Content/css?v=Ma_coZsf1251lDdSoaIFmUSUCT0_i-F_j4afk0R13RA1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: image/png\r\nContent-Length: 2619726\r\nConnection: keep-alive\r\nLast-Modified: Wed, 19 Nov 2025 02:37:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"07e9274fd58dc1:0\"\r\nServer: \r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2619726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 4400 x 1544, 8-bit/color RGBA, non-interlaced","md5":"7985b84c0dc8cdf1aded2ba9525d1ebe","sha1":"45eed068c897206b06245c49b6bf9dcb3a878717","sha256":"484cfddf2f5bb29bbcece632d529006d34f1be4d59262074d431fe2ec2e02254","sha512":"928681b8ee85266cf2a52fa1218387e8264246540248a197d69532a1d29ceaa7fd364b45e3a67bb5164b637ac4186156669a24b3073e77dd864a6da63fd5310e","ssdeep":"24576:3tjjjpgamKmhpkO3VF76w23W+ybXWhuGg8qAGEVKJ0XPI:djeaOJ76w23WhbXzJFKKJ0XQ","tlshash":"a0252325e3e01ed8fee924be852a7d50433ac7e3191294c59726f3712dd80f99214bbb","first_seen":"2025-09-12T21:08:05.203248Z","last_seen":"2026-02-26T21:40:27.972309Z","times_seen":69,"resource_available":false,"data":null}},"time_used":828,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":662,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.syndicationcontent.com/?xtl=7akciftk4wxqdqox1lkrk4fie1i5cghntjg1zz4lmzyrdi0updc98ehb63dcqb732tv7gzyjtvfb68mwodfjsmd87dw98fljpoy85jgflbwi4him62ij6lujadadp84cg9v9o92h619mbbp896c5sryg90kg7hugtqrcxuig1tgaii619kk8xhle9e1koanodrwi7jvzgqk1e1qxnik4b7zpg9escwujfrvir2mi5r6kct8crm6ylssjvkn362i34d5w41ey91zsq2d11zcj08wlwkg8eya1apa3iv93iw2dv39lyaqq8m59\u0026eih=kqiu9wm3jj6sa2twouhsr8tq4ix7v25z\u0026__stmp=t6ehjc\u0026__onlt=h\u0026BRIDGE_ID=","fqdn":"track.syndicationcontent.com","domain":"syndicationcontent.com","tld":"com"},"ip":{"addr":"3.87.166.109","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T22:45:16.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.syndicationcontent.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 06 Aug 2025 00:00:00 GMT","end":"Thu, 06 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:BF:60:61:A6:0B:52:4E:64:13:13:AD:D1:08:C2:6D:54:4C:B0:EE","sha256":"E4:0D:A1:59:7E:1C:49:10:53:9B:ED:97:AE:D8:7B:F2:5D:A8:39:94:9F:94:B9:FF:34:AA:25:75:7E:9A:AB:04"}}},"request":{"raw":"GET /?xtl=7akciftk4wxqdqox1lkrk4fie1i5cghntjg1zz4lmzyrdi0updc98ehb63dcqb732tv7gzyjtvfb68mwodfjsmd87dw98fljpoy85jgflbwi4him62ij6lujadadp84cg9v9o92h619mbbp896c5sryg90kg7hugtqrcxuig1tgaii619kk8xhle9e1koanodrwi7jvzgqk1e1qxnik4b7zpg9escwujfrvir2mi5r6kct8crm6ylssjvkn362i34d5w41ey91zsq2d11zcj08wlwkg8eya1apa3iv93iw2dv39lyaqq8m59\u0026eih=kqiu9wm3jj6sa2twouhsr8tq4ix7v25z\u0026__stmp=t6ehjc\u0026__onlt=h\u0026BRIDGE_ID= HTTP/1.1\r\nHost: track.syndicationcontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 27 Nov 2025 22:45:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://events.cctrkl.com/event/click?oid=3371\u0026pid=11103\u0026prov=ong\u0026lid=15\u0026rid=\u0026did=\u0026trg=https%3A%2F%2Fatt.com%2Fswitcherpayoff\r\nserver: nginx\r\naccept-ch: Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version\r\naccept-ch-lifetime: 86400\r\ncritical-ch: Sec-Ch-Ua-Platform-Version\r\ncache-control: public, max-age=10800, s-maxage=10800, immutable, stale-while-revalidate=10800, stale-if-error=10800\r\nsurrogate-control: public, max-age=10800, s-maxage=10800, immutable, stale-while-revalidate=10800, stale-if-error=10800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15232,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T12:47:03.387186Z","times_seen":13375311,"resource_available":true,"data":null}},"time_used":716,"timings":{"blocked":307,"dns":24,"connect":94,"send":0,"wait":102,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"track.syndicationcontent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events.cctrkl.com/event/click?oid=3371\u0026pid=11103\u0026prov=ong\u0026lid=15\u0026rid=\u0026did=\u0026trg=https%3A%2F%2Fatt.com%2Fswitcherpayoff","fqdn":"events.cctrkl.com","domain":"cctrkl.com","tld":"com"},"ip":{"addr":"54.80.116.158","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T22:45:17.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events.cctrkl.com","organization":""},"issuer":{"commonName":"USERTrust RSA Domain Validation Secure Server CA","organization":"The USERTRUST Network"},"validity":{"start":"Thu, 13 Feb 2025 00:00:00 GMT","end":"Mon, 16 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E6:35:54:D2:60:3B:84:DF:9B:BC:76:E7:7A:D6:D7:DD:40:C7:7A:0F","sha256":"71:E8:9D:BE:6A:B1:D3:48:F0:86:40:50:32:01:4C:B8:4B:A1:29:15:5F:3E:4D:00:DF:F6:4A:66:A2:7E:3A:F2"}}},"request":{"raw":"GET /event/click?oid=3371\u0026pid=11103\u0026prov=ong\u0026lid=15\u0026rid=\u0026did=\u0026trg=https%3A%2F%2Fatt.com%2Fswitcherpayoff HTTP/1.1\r\nHost: events.cctrkl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: openresty/1.27.1.2\r\nDate: Thu, 27 Nov 2025 22:45:17 GMT\r\nContent-Type: application/json\r\nContent-Length: 0\r\nConnection: keep-alive\r\nx-amzn-RequestId: ecf6d946-e97d-4cb3-83d7-5155f9d9d45c\r\nx-amz-apigw-id: UuYjuFR4oAMEXog=\r\nLocation: https://att.com/switcherpayoff\r\nX-Amzn-Trace-Id: Root=1-6928d47d-6e41422675e16f8506b8e9d8;Parent=5c3e45ad6926dc01;Sampled=0;Lineage=1:3b2b0527:0\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15232,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T12:47:03.387186Z","times_seen":13375311,"resource_available":true,"data":null}},"time_used":1135,"timings":{"blocked":497,"dns":74,"connect":95,"send":0,"wait":140,"receive":1,"ssl":325},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"att.com/switcherpayoff","fqdn":"att.com","domain":"att.com","tld":"com"},"ip":{"addr":"144.160.36.42","port":443,"asn":797,"as":"AMERITECH-AS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T22:45:17.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"att.com","organization":"AT and T Services, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 14 Mar 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1F:57:97:AC:8B:35:CB:59:1D:5C:49:2D:B0:29:85:C7:82:09:A2:C6","sha256":"16:EB:BA:C0:25:A7:81:63:09:AE:D9:1B:1A:26:77:98:8C:44:12:EF:C5:23:8E:CD:E4:BD:25:A2:02:B8:D1:92"}}},"request":{"raw":"GET /switcherpayoff HTTP/1.1\r\nHost: att.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.0 301 Moved Permanently\r\nLocation: https://www.att.com/switcherpayoff\r\nServer: BigIP\r\nConnection: Keep-Alive\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"F5 BigIP","description":"F5's BIG-IP is a family of products covering software and hardware designed around application availability, access control, and security solutions.","website":"https://www.f5.com/products/big-ip-services","common_platform_enumeration":"cpe:2.3:a:f5:big-ip:*:*:*:*:*:*:*:*","icon":"F5.png","categories":["Reverse proxies"]}],"data":{"size":15232,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T12:47:03.387186Z","times_seen":13375311,"resource_available":true,"data":null}},"time_used":869,"timings":{"blocked":380,"dns":44,"connect":108,"send":0,"wait":108,"receive":0,"ssl":226},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/ETF","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T22:45:18.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /ETF HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:19 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 6249\r\nConnection: keep-alive\r\nCache-Control: private\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nServer: \r\nX-AspNetMvc-Version: \r\nX-AspNet-Version: 4.0.30319\r\nRequest-Context: appId=cid-v1:09994b8f-9134-413e-8174-8f3ca4931f63\r\nAccess-Control-Expose-Headers: Request-Context\r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":15232,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (338), with CRLF line terminators","md5":"12dd83955e0f7eb52c176d43ad573e84","sha1":"dc80c98c2e8d867d9296bff5d0b2633f3136de74","sha256":"ab349c4771ddb5efc6f66b96ddaa2688508cc1af9402bb2c35c8383769ade62f","sha512":"c3a115bf9f4ac581d9cc248032fa4cc3d4a229d3ce6d5542f10457261a77d13811403f77833e38790d7f5210c3df0979dce2aff1e507d809706d5d2a3de67781","ssdeep":"384:O31EQbLrNm06bhiccxS6wHI1/WBf9isd8U:O31EQfo06g1qNEU","tlshash":"6662f7315ac061b30a338242fb267a49ff79d1a79a079442b0ee579b0ff6c67847345e","first_seen":"2025-11-23T02:44:41.884764Z","last_seen":"2025-12-30T19:47:46.643775Z","times_seen":40,"resource_available":false,"data":null}},"time_used":1104,"timings":{"blocked":464,"dns":62,"connect":134,"send":0,"wait":175,"receive":0,"ssl":266},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/bundles/jqueryval?v=wBt3g9N2ilv_rRGMjRP2Wmupinu4VcfXCnObzHLC9bs1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:19.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /bundles/jqueryval?v=wBt3g9N2ilv_rRGMjRP2Wmupinu4VcfXCnObzHLC9bs1 HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/ETF\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 13607\r\nConnection: keep-alive\r\nCache-Control: public\r\nContent-Encoding: gzip\r\nExpires: Fri, 27 Nov 2026 22:45:20 GMT\r\nLast-Modified: Thu, 27 Nov 2025 22:45:20 GMT\r\nVary: User-Agent,Accept-Encoding\r\nServer: \r\nX-AspNet-Version: 4.0.30319\r\nRequest-Context: appId=cid-v1:09994b8f-9134-413e-8174-8f3ca4931f63\r\nAccess-Control-Expose-Headers: Request-Context\r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34497,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (34497), with no line terminators","md5":"bb45eb847c1f9e52df8d509f5bb62024","sha1":"5e45cb6fa0eb57cab081a16bab442dacb549236a","sha256":"bea9c910fb0adc090c3db7c326d56fdad5beeac6d35b093f4db30fcc5609b795","sha512":"a0e34396b07517560639b752720752aad81405824ae747a7cd5da9f13d5323cc5ac3601d4e76cf037885fc76a698dc584da9a5e5f5b8e020fb33f80f533cb35f","ssdeep":"768:oNGywNdAAtAlFH05IdjTvzpzfjny+uhkwWAkVJ9AcJKHsVH/t8S7:0GywNdF2lFH05IdjTvdLny+6WAUQHsVN","tlshash":"1bf2d98c76c2b0574fe730f8508b510ba1765a64605db028b6e8e4e2adf8ecd5077fb9","first_seen":"2025-09-12T21:08:05.212633Z","last_seen":"2026-02-26T21:40:27.965875Z","times_seen":77,"resource_available":true,"data":null}},"time_used":909,"timings":{"blocked":366,"dns":1,"connect":122,"send":0,"wait":170,"receive":1,"ssl":247},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dc.services.visualstudio.com/v2/track","fqdn":"dc.services.visualstudio.com","domain":"visualstudio.com","tld":"com"},"ip":{"addr":"20.50.88.233","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:21.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"in.applicationinsights.azure.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 04","organization":"Microsoft Corporation"},"validity":{"start":"Mon, 24 Nov 2025 20:37:57 GMT","end":"Sat, 23 May 2026 20:37:57 GMT"},"fingerprint":{"sha1":"27:70:AF:0C:82:8C:40:83:60:A4:D4:A4:0E:DF:FC:EF:D4:C3:EA:20","sha256":"B7:F5:45:5A:B3:9F:BC:49:01:EC:F2:37:4F:96:C3:3A:CE:1C:EC:A3:52:CE:52:EF:2C:46:0C:FE:91:2B:A5:56"}}},"request":{"raw":"POST /v2/track HTTP/1.1\r\nHost: dc.services.visualstudio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nSdk-Context: appId\r\nContent-Length: 1285\r\nOrigin: https://rewardcenteroffers.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1285,"data":"[{\"time\":\"2025-11-27T22:45:21.245Z\",\"iKey\":\"0966782e-755f-4d40-a9dc-0eb1bd09cc6e\",\"name\":\"Microsoft.ApplicationInsights.0966782e755f4d40a9dc0eb1bd09cc6e.Pageview\",\"tags\":{\"ai.session.id\":\"UrOQE\",\"ai.session.isFirst\":\"true\",\"ai.device.id\":\"browser\",\"ai.device.type\":\"Browser\",\"ai.internal.sdkVersion\":\"javascript:1.0.21\",\"ai.user.id\":\"OPOrG\",\"ai.operation.id\":\"j3E5v\",\"ai.operation.name\":\"/ETF\"},\"data\":{\"baseType\":\"PageviewData\",\"baseData\":{\"ver\":2,\"name\":\"AT\u0026T Rewards - ETF\",\"url\":\"https://rewardcenteroffers.com/ETF\",\"duration\":\"00:00:04.303\",\"id\":\"j3E5v\"}}},{\"time\":\"2025-11-27T22:45:21.247Z\",\"iKey\":\"0966782e-755f-4d40-a9dc-0eb1bd09cc6e\",\"name\":\"Microsoft.ApplicationInsights.0966782e755f4d40a9dc0eb1bd09cc6e.PageviewPerformance\",\"tags\":{\"ai.session.id\":\"UrOQE\",\"ai.session.isFirst\":\"true\",\"ai.device.id\":\"browser\",\"ai.device.type\":\"Browser\",\"ai.internal.sdkVersion\":\"javascript:1.0.21\",\"ai.user.id\":\"OPOrG\",\"ai.operation.id\":\"j3E5v\",\"ai.operation.name\":\"/ETF\"},\"data\":{\"baseType\":\"PageviewPerformanceData\",\"baseData\":{\"ver\":2,\"name\":\"AT\u0026T Rewards - ETF\",\"url\":\"https://rewardcenteroffers.com/ETF\",\"duration\":\"00:00:04.303\",\"perfTotal\":\"00:00:04.303\",\"networkConnect\":\"00:00:02.381\",\"sentRequest\":\"00:00:00.175\",\"receivedResponse\":\"00:00:00.000\",\"domProcessing\":\"00:00:01.747\"}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\nserver: Microsoft-HTTPAPI/2.0\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\ndate: Thu, 27 Nov 2025 22:45:21 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"78528c5fed032fd4823951d009984805","sha1":"6276fed2b5945cb849291e57a041270fdd2bbf3d","sha256":"ab35ce48c323d84dcbe20b617eb2f5f7b279b2cf19a4ff9c699130a7ddeb6516","sha512":"797857c389ddc8ca9cc9e9beb3071628d7cb9521d623388e2e334040926b26603e2290e452a645395a20502f2205ae1b19b0cde757836d3a783d2736ef04bbbc","ssdeep":"","tlshash":"5ab012021ca61a063810700c850638024084ece0c534f0f4cc5a86c3b2410510db384c","first_seen":"2025-09-12T21:08:05.23343Z","last_seen":"2026-02-26T21:40:27.975122Z","times_seen":77,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/Content/css?v=Ma_coZsf1251lDdSoaIFmUSUCT0_i-F_j4afk0R13RA1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:19.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /Content/css?v=Ma_coZsf1251lDdSoaIFmUSUCT0_i-F_j4afk0R13RA1 HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/ETF\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:19 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 30661\r\nConnection: keep-alive\r\nCache-Control: public\r\nContent-Encoding: gzip\r\nExpires: Fri, 27 Nov 2026 22:45:19 GMT\r\nLast-Modified: Thu, 27 Nov 2025 22:45:19 GMT\r\nVary: User-Agent,Accept-Encoding\r\nServer: \r\nX-AspNet-Version: 4.0.30319\r\nRequest-Context: appId=cid-v1:09994b8f-9134-413e-8174-8f3ca4931f63\r\nAccess-Control-Expose-Headers: Request-Context\r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":131308,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65012), with no line terminators","md5":"f6748742a60edc84aaf8fe073e25a458","sha1":"d7f97ed2739e4fc02fad848375a3263b8e735026","sha256":"79a2db3c56f0dc38110e00aad31b9bca5e22c14e377a7594e254cd096ccd1607","sha512":"1c8026af68574045497a0a807238b7fc8664c2412d9eb2bdb76c945f129c2edeb3a3ea88d13f540cb7f00e65c154697ae8b3c1f9bf4c204a14b874c2a369af29","ssdeep":"768:8ZkbNQuc/Bsi1r+UtVIuiHHsAmQIKX8OABlPz1ZMKAE2BdU+JdOux1lVvH1FQ:FbNQtwGIuiHHsAm88lz12XdOcg","tlshash":"afd3b760f21031ea7233c55a71d0fe8b2219a153e5664fb7f22f25d88f895ca1673f1a","first_seen":"2025-11-23T02:44:41.883485Z","last_seen":"2026-02-26T21:40:27.969531Z","times_seen":49,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/bundles/jquery?v=Qw1VMXulYOjH95AyT2qDMej_8oAcRSoyy8wzILdNUvM1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:19.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /bundles/jquery?v=Qw1VMXulYOjH95AyT2qDMej_8oAcRSoyy8wzILdNUvM1 HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/ETF\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 41739\r\nConnection: keep-alive\r\nCache-Control: public\r\nContent-Encoding: gzip\r\nExpires: Fri, 27 Nov 2026 22:45:20 GMT\r\nLast-Modified: Thu, 27 Nov 2025 22:45:20 GMT\r\nVary: User-Agent,Accept-Encoding\r\nServer: \r\nX-AspNet-Version: 4.0.30319\r\nRequest-Context: appId=cid-v1:09994b8f-9134-413e-8174-8f3ca4931f63\r\nAccess-Control-Expose-Headers: Request-Context\r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91714,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"fe87d580e12dd0f976ca3d9d15768e95","sha1":"eaefbbc524609558561ad7503d0d5c21eb43c1f3","sha256":"61b3bd103745535c83ee4d3f62d8480825623f789c698e6566b594bfcb44f282","sha512":"e66f9138f7aa834e69299a9b43d9cda457fd9df4861e91bf2f9039ac3fa013eec9a46b462910427d95561dcb151607dd5d5aa8dd4d37a9bceec6dffb9a6ea318","ssdeep":"1536:+7khn1KLiK+6a+gx1Lh+CNsAlxJd97f48WF/xTLw03XR3c8h4DZwC16+:ZX/+CWE/4TLw03Bx4wC1x","tlshash":"f0930bdcb6c2b0634ba770f900bf154bb136195968ad9410f164e8f87c78a4e907bfad","first_seen":"2025-09-12T21:08:05.199374Z","last_seen":"2026-02-26T21:40:27.970301Z","times_seen":77,"resource_available":true,"data":null}},"time_used":992,"timings":{"blocked":356,"dns":0,"connect":118,"send":0,"wait":161,"receive":117,"ssl":238},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/bundles/bootstrap?v=M4Nk6kIOwMFflsEKET0iPL9i5YBqbzMzvUOrd8gyCnw1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:19.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /bundles/bootstrap?v=M4Nk6kIOwMFflsEKET0iPL9i5YBqbzMzvUOrd8gyCnw1 HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/ETF\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 14183\r\nConnection: keep-alive\r\nCache-Control: public\r\nContent-Encoding: gzip\r\nExpires: Fri, 27 Nov 2026 22:45:20 GMT\r\nLast-Modified: Thu, 27 Nov 2025 22:45:20 GMT\r\nVary: User-Agent,Accept-Encoding\r\nServer: \r\nX-AspNet-Version: 4.0.30319\r\nRequest-Context: appId=cid-v1:09994b8f-9134-413e-8174-8f3ca4931f63\r\nAccess-Control-Expose-Headers: Request-Context\r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":39393,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (39393), with no line terminators","md5":"eea0627622cce270130cc24c0f738cc2","sha1":"6a61c82ce4e69f08fe7a27ea5dd6e91dac331a77","sha256":"a71fd6207f6416a9147eab09c1cafe22c8104507dd6391248ea2921bf7d8d78b","sha512":"fecc843f98526c92ffb3482d6fa36ed25532800642061f1e599c30aed15e7636fd65e714013947d11ece1929112c282f8b9b56b60480f47a4afe75fbf2ac3170","ssdeep":"768:plrmwl6Ml+UGN8KRU1hOT23avtwbRtfi61Omv463bv:BnAM3EqitL63bv","tlshash":"5b03820ab23035a10befa1e5505b120d72366f2df947526c78a9daf22db5c08316bf7d","first_seen":"2023-03-07T01:07:15Z","last_seen":"2026-03-31T20:57:54.643152Z","times_seen":195,"resource_available":true,"data":null}},"time_used":942,"timings":{"blocked":380,"dns":0,"connect":127,"send":0,"wait":174,"receive":1,"ssl":258},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dc.services.visualstudio.com/v2/track","fqdn":"dc.services.visualstudio.com","domain":"visualstudio.com","tld":"com"},"ip":{"addr":"20.50.88.233","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:21.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"in.applicationinsights.azure.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 04","organization":"Microsoft Corporation"},"validity":{"start":"Mon, 24 Nov 2025 20:37:57 GMT","end":"Sat, 23 May 2026 20:37:57 GMT"},"fingerprint":{"sha1":"27:70:AF:0C:82:8C:40:83:60:A4:D4:A4:0E:DF:FC:EF:D4:C3:EA:20","sha256":"B7:F5:45:5A:B3:9F:BC:49:01:EC:F2:37:4F:96:C3:3A:CE:1C:EC:A3:52:CE:52:EF:2C:46:0C:FE:91:2B:A5:56"}}},"request":{"raw":"OPTIONS /v2/track HTTP/1.1\r\nHost: dc.services.visualstudio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,sdk-context\r\nReferer: https://rewardcenteroffers.com/\r\nOrigin: https://rewardcenteroffers.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: Microsoft-HTTPAPI/2.0\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy,Content-Encoding\r\naccess-control-allow-methods: POST\r\naccess-control-max-age: 3600\r\ndate: Thu, 27 Nov 2025 22:45:20 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T12:47:03.387186Z","times_seen":13375311,"resource_available":true,"data":null}},"time_used":607,"timings":{"blocked":286,"dns":239,"connect":18,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:19.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1 HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/ETF\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 5292\r\nConnection: keep-alive\r\nCache-Control: public\r\nContent-Encoding: gzip\r\nExpires: Fri, 27 Nov 2026 22:45:20 GMT\r\nLast-Modified: Thu, 27 Nov 2025 22:45:20 GMT\r\nVary: User-Agent,Accept-Encoding\r\nServer: \r\nX-AspNet-Version: 4.0.30319\r\nRequest-Context: appId=cid-v1:09994b8f-9134-413e-8174-8f3ca4931f63\r\nAccess-Control-Expose-Headers: Request-Context\r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":11095,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (11095), with no line terminators","md5":"efeac4bcc64c045f413f90ceba3f836e","sha1":"f6e4af16612d2c740e0d62440fce784290eab928","sha256":"9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d","sha512":"8d0b20e90eb1de8e68918c9306dee3ce0453cb176d463d1061fbe50fac804ffa0c3682da42a6c53b99cbdc2f3c1809744a64538bd47ccf68865c1774baded878","ssdeep":"192:Ge9ZNR5GciQ3M1l8I3WsIYbXjP4lr8hvK3ozLZUnT:L9ZNRB3M1l82WqXjPYrEyUZUT","tlshash":"7f32d78c70a2710d439be0bf21bf460ef27e595849644504d1aec8bdbdb4c98827bf6d","first_seen":"2023-03-07T01:07:15Z","last_seen":"2026-04-04T15:28:11.18076Z","times_seen":956,"resource_available":true,"data":null}},"time_used":867,"timings":{"blocked":352,"dns":1,"connect":116,"send":0,"wait":160,"receive":0,"ssl":236},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rewardcenteroffers.com/Content/Images/attglobe.png","fqdn":"rewardcenteroffers.com","domain":"rewardcenteroffers.com","tld":"com"},"ip":{"addr":"52.230.227.157","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rewardcenteroffers.com/ETF","date":"2025-11-27T22:45:19.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rewardcenteroffers.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 25 Apr 2025 20:25:52 GMT","end":"Tue, 05 May 2026 17:17:47 GMT"},"fingerprint":{"sha1":"D8:CF:BD:66:C4:5B:EC:2F:D8:1F:1B:DB:30:00:40:E3:F9:A0:69:EF","sha256":"3D:65:52:61:CF:B1:3A:54:68:D3:14:4D:BA:B0:CE:73:D3:DB:F3:C5:6D:62:25:34:EA:8D:F9:AF:0E:C4:AB:2F"}}},"request":{"raw":"GET /Content/Images/attglobe.png HTTP/1.1\r\nHost: rewardcenteroffers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rewardcenteroffers.com/ETF\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 27 Nov 2025 22:45:20 GMT\r\nContent-Type: image/png\r\nContent-Length: 2592\r\nConnection: keep-alive\r\nLast-Modified: Wed, 19 Nov 2025 02:37:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"07e9274fd58dc1:0\"\r\nServer: \r\nX-UA-Compatible: IE=edge\r\nContent-Security-Policy: default-src 'self' *.ecustomersupport.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.msecnd.net *.ecustomersupport.com *.visualstudio.com https://www.google.com https://www.gstatic.com; frame-src 'self' *.ecustomersupport.com https://www.google.com; frame-ancestors 'self' *.ecustomersupport.com; connect-src *; img-src 'self' data:\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Powered-by: \r\nX-AspNetMvc-Version: \r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2592,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced","md5":"32f92039dfc097125eba5ee30ff481fd","sha1":"6d755ff06a1c9714a2f211eb4e2842ba07bde3de","sha256":"d47cf9f8fb204daf2c0cf03038385cda1ce0d65f1e4d5f655ee28fafdb4587a0","sha512":"da30c85b61911456d4f31399d4ba54317a319a65009235f3e8e3c193d69b1e6691c56b6f988275b9abf88e657b6982007429b4eb952080e333f056f93f70a338","ssdeep":"","tlshash":"8f513cd6ead0a405ca81f5c114dcca47b31b438446eef4eaec8aa50717589bc8c1ccc9","first_seen":"2025-08-15T16:39:02.833247Z","last_seen":"2026-02-26T21:40:27.971013Z","times_seen":128,"resource_available":false,"data":null}},"time_used":806,"timings":{"blocked":632,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}