urlscan.io logo urlscan.io
SecurityTrails logo

www.rewardwell.rest Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lp...
Effective URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbg...
Submission: On August 07 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 24 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.rewardwell.rest.
TLS certificate: Issued by WE1 on July 30th 2024. Valid for: 3 months.
This is the only time www.rewardwell.rest was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 188.114.97.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.18.95.41 13335 (CLOUDFLAR...)
2 104.18.94.41 13335 (CLOUDFLAR...)
24 5
Apex Domain
Subdomains		 Transfer
14 rewardwell.rest
www.rewardwell.rest
153 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3877
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
75 KB
24 3
Domain Requested by
14 www.rewardwell.rest www.rewardwell.rest
4 challenges.cloudflare.com www.rewardwell.rest
challenges.cloudflare.com
1 www.googletagmanager.com www.rewardwell.rest
24 3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
rewardwell.rest
WE1		 2024-07-30 -
2024-10-28		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
challenges.cloudflare.com
E5		 2024-07-17 -
2024-10-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Frame ID: DCA2B98B1758B5BAD00A23C136FC9367
Requests: 22 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9ocus/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 7F24C2EEB0B08D3340B0D5C3F1CE2661
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1f738/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 809DF0C5CF1CB0DFFFBE76D2AB770ACB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Even geduld...

Page URL History Show full URLs

  1. http://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22... HTTP 307
    https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22... Page URL
  2. https://www.rewardwell.rest/offer.php?id=39&sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22... Page URL
  3. http://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjk... HTTP 307
    https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjk... Page URL
  4. https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjk... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

79 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

5
IPs

3
Countries

243 kB
Transfer

647 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq HTTP 307
    https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq Page URL
  2. https://www.rewardwell.rest/offer.php?id=39&sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq Page URL
  3. http://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq HTTP 307
    https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq Page URL
  4. https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq HTTP 307
  • https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Request Chain 4
  • http://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq HTTP 307
  • https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/
Redirect Chain
  • http://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
  • https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
1 KB
877 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e213047ca98435c7c3b08f452dadc3c6e0a7690976c17d824c42c137b12e63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af4f7850d4f2bf6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Aug 2024 05:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJxGqiyhA%2FtCXwYqKvFy%2F%2FbsElYFR7FJCiTZaZeD6kdlBFft%2BbsL%2FD9yz8ItTPRLRSnlo7z3Q0XcaWVUK8D6ZKfYvpKz44tPG45NHab%2B2pH24czcmmEqKgNgCHQmPVOTnZDYAwP5"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Non-Authoritative-Reason
HttpsUpgrades
jquery-1.11.0.min.js
www.rewardwell.rest/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/jquery-1.11.0.min.js
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 May 2024 23:51:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66342710-1787d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fv6DteEbHY9dLwwZcK93IZdJtCOVPvA3rOuZQtCKq9SfJ4n2HhJGwmuuvcDjo2Y2A39DeKnIgVXPM7jLHgxaRm9qrlpLNGWNvV%2B5nxIFoFP8MIj0CpeUSUrK2qlIrGXdfxWRhLQ7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8af4f7873f242bf6-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40d4fd88d78e9a6d993f8ff56c0d7d097c280e030a776ef96ef919a9652577d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.rewardwell.rest/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76655
x-xss-protection
0
last-modified
Wed, 07 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Aug 2024 05:46:33 GMT
offer.php
www.rewardwell.rest/ 		356 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/offer.php?id=39&sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.rewardwell.rest/ysvcdbafvp/moqinkd6912hdhruek/qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af4f78bbb812bf6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Aug 2024 05:46:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUSLb3dbylgd8FWVQMUKIgLQLAAzlVa7Cu%2Bqc9JetUbPmqGaqAPCw3OVJVpjBj%2FJfFMsdLICkLSYYqjyXncVXH3pm31vd%2FNmIXigtJ9sx407zx98BDdwBBERY%2Fvdev86cKdtMGhA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
offgrid.php
www.rewardwell.rest/clicks/bpage/
Redirect Chain
  • http://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
  • https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cf2811375cfb6421f20707fb9f0af8a53be1f931667ab4cacf92224aaef637
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.rewardwell.rest/offer.php?id=39&sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
nbTuM85QyPxIBAQzaUgC4ox3C04z8YXS3aX+nQWgnwdeTIa1HvWIB7aJ6ojrjVcl1xeJWoay7DoAwVnOLNcveM80R6u8uNbFC/I0iaf4Yyv9wRHErHpFB432CorwQ9cfbxDGBzT9CS7/wP7Q92sPuQ==$QDa3bQ6aeHXkEct8WbsNQw==
cf-mitigated
challenge
cf-ray
8af4f78d6d6e2bf6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 07 Aug 2024 05:46:34 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zm4TIRCuKNqVjFpQVo441dqyysKLzjJohR3pyig2DllNKGFpDfHfJCDincfSscj1kAkRKiFjoKqEitx0FkIgxDCnArfL%2FeSDzqBzHGLcEToiWuXuOYZClkbpJ%2F5paNSBZdDagIGG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
www.rewardwell.rest/ 		0
0
v1
www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8af4f78d6d6e2bf6
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8356c285e7c5dde6ecbeb608f8540e47e5ebd61c753ca5c3ace6a3c4b19f496

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq&__cf_chl_rt_tk=WYTzzTPb6lw8ghzEvMx86C30VbVJ.VdprGedsOK3i0k-1723009594-0.0.1.1-3582
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZAPRaQ3QZxnRaZwir8UQkygLBTEpIG1WierYlDK18t3D4KfCv2K5RScbfT2CNA20rvtL0QSMNFEgGEszDaJDVIIon7EYSTJfXgs0Wr97%2BSQzOrCAfTlexcnMUk6fXPqSErn0sCH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8af4f790687a2bf6-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js?onload=CECj8&render=explicit
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8af4f78d6d6e2bf6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9b46c18d0769c78a7e889eb237606cb96b602061b39b4c1159a22a015b51df

Request headers

Referer
Origin
https://www.rewardwell.rest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:35 GMT
content-encoding
br
last-modified
Thu, 01 Aug 2024 13:51:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8af4f7943ebd366c-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
www.rewardwell.rest/ 		1 KB
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rewardwell.rest/favicon.ico
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 May 2024 23:51:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"66342716-57e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnDNEjn2YuPPFfra9diWpj1yWorn7jlaM%2BdSMgfMuxohi6wXQLVeJpfXbRwA8GLBLq%2BG%2BARa7QwFLvrCoiXd4KwlLK8vwDi7My1T%2FgdFFs3dhM1IPQtPLVYvo7rISpsGzDsh9f52"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8af4f7928a9c2bf6-FRA
alt-svc
h3=":443"; ma=86400
203d3e82c1b5f06
www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/flow/ov1/827886690:1723007425:7hYGoPc8EbhM8bOEWYxEht6KuG9s4jHYGcN-8iV1_Yk/8af4f78d6d6e2bf6/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/flow/ov1/827886690:1723007425:7hYGoPc8EbhM8bOEWYxEht6KuG9s4jHYGcN-8iV1_Yk/8af4f78d6d6e2bf6/203d3e82c1b5f06
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8af4f78d6d6e2bf6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2a4df391b78e69cb3fe01a834f4fee8d411838a3c5157e2ef67b706a24898c

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
CF-Challenge
203d3e82c1b5f06
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Aug 2024 05:46:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s73PTx%2FccBqgV5VubHbj8VUQgvAq2NbupCPB1APEnXYHf1y8qkAI6x3xdANtl9Ndlp7IwYexKnwa42vsEGI7Th4NGkNZGaXuqEo095OZk8pH03SvqVKmUaIFqKto5HTxxT2GX3RF"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8af4f7932b392bf6-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
Kr0X9Ua5QD0pmYJIA6/LS9MtPdJBsamNb9Rt6qZ3cP4gh6qKOBCUhvO62U1adp10EpO3Pxt7ww==$9wlioMTJ4p6Dyhel
6d3ced31-f98d-4ee8-bc99-a83f7602ddfa
https://www.rewardwell.rest/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rewardwell.rest/6d3ced31-f98d-4ee8-bc99-a83f7602ddfa
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9ocus/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 7F24 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9ocus/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js?onload=CECj8&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8af4f7964b549f26-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 05:46:35 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
6af7a0b6-ddca-4ddc-a9c7-340499a4dacd
https://www.rewardwell.rest/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rewardwell.rest/6af7a0b6-ddca-4ddc-a9c7-340499a4dacd
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript
favicon.ico
www.rewardwell.rest/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 May 2024 23:51:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"66342716-57e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnDNEjn2YuPPFfra9diWpj1yWorn7jlaM%2BdSMgfMuxohi6wXQLVeJpfXbRwA8GLBLq%2BG%2BARa7QwFLvrCoiXd4KwlLK8vwDi7My1T%2FgdFFs3dhM1IPQtPLVYvo7rISpsGzDsh9f52"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8af4f7928a9c2bf6-FRA
alt-svc
h3=":443"; ma=86400
203d3e82c1b5f06
www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/flow/ov1/827886690:1723007425:7hYGoPc8EbhM8bOEWYxEht6KuG9s4jHYGcN-8iV1_Yk/8af4f78d6d6e2bf6/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/flow/ov1/827886690:1723007425:7hYGoPc8EbhM8bOEWYxEht6KuG9s4jHYGcN-8iV1_Yk/8af4f78d6d6e2bf6/203d3e82c1b5f06
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8af4f78d6d6e2bf6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c271900a02843f8220d9766ec8a18fac973e43b5e31acbb364b00b86083335fe

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
CF-Challenge
203d3e82c1b5f06
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out-s
ZNeEvWAl5BltWBZe+2UPiy0K4qEafRFaZWRnFw5HSa4g2FM9BZ9nYfUySxLPsmQnMifCgBJ2m/XAW7mFaQ/MVEDQTHWMvoUf9wQxp/nGxn2eNnl+vtJKViCX5w4uOuaMr4gUVwQHulW8wGNVfpYzfSD8CDLPRc8EqiWT+PJTPA1ftRQNjXg5zvO7KNwa0fDdW6nCnRUyVkpbMzAg7StCPNwzqC601E1A4NbLBRcnxKRCaMEfUtY7wcOaQ3FdHieRopyR+Yr03rzildcuHspsBk+Wnt8F0p9IOUij2/zeTCu+SEn05ix5QnWCId56puqpBdufctYFpqxjLYbNkGIc+11uhFNqrZFpCC2AWHzz$uK56VmhpihYUJbrd
cf-chl-out
3UenbWniI+XnPm91nDuyTFxgmIelAEhSJBJEHSRDtpkLc+eQOvTGndZQPDYu9IgQLab8NtYMpGs5ERCnwrL8kdDi5wu9DqP5qasdCzJgn3dczZ+qTpu6qA==$khaP5QyIJo9CLgwb
date
Wed, 07 Aug 2024 05:46:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fY3xsWpvru8JAlt1tGFPiwPoIf5XsciT8tiyIg59EiND0guWWUIJ1uhyMhg9%2BvaNHR2lBU%2Bn8iL5g9ZY4T5zdZABDkDrZY8nAfzcpP2CJVqbNISGIWxRr0p4uGmZ18dbOrGhwgsF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8af4f7aa9cf92bf6-FRA
alt-svc
h3=":443"; ma=86400
Primary Request offgrid.php
www.rewardwell.rest/clicks/bpage/ 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8af4f78d6d6e2bf6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b0f3b517ec94381d64967cd39929ceefe0be492d3674bfbac13ab3b4c3fb9a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
2Cl9Utm+O1XUsd8PNJNRntcNyzJFesQjuUSALusu4cOXYaFItJ9uZDuUPOi9ik7E30NBp9n9nYPOctWVa1hkUoibNQWObv1OJGbpNNzMiPy+B8norfhXA3u93lUAtbDUaIgdAiIHZHTL6m2S+wqNEA==$UMZ6hBz8nBuPgmu7xReoGg==
cf-mitigated
challenge
cf-ray
8af4f7b8be032bf6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 07 Aug 2024 05:46:41 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlQ%2FWZpSm77lEcJbKUs3FV%2BB0Ed%2B3QScFmKmEeWFJO0fvDYaOdnne9YHYEhAAi0BTMeINPmM%2FyfrOs%2BSDS8p1W5kCjhY2rDXDXEhLGk9cdWge5iKKOR7cH1%2BxWGHHUF7NIKTZUq5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8af4f7b8be032bf6
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0359913ff63060372c42c2ea56ed383a74aa3859bb708365aad1e07cf9417cb

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq&__cf_chl_rt_tk=rF5ON_Vt9HKL5geEqJOKPKAYl1mCOrypnVI.APIajkg-1723009601-0.0.1.1-3817
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RCa4Wt3eM544X7XJBuucnQpcDOkdyZ7OA5dbtyfPjfLW32veLuA%2FtryF%2FC6HdPA4c1dbWA9gvN2UAcFQRY04leB9sWaU6qDKJgQAyPIPbtjBPJtTSoysXD9IFpY3swpcU96uFqPs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8af4f7b94e962bf6-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/ 		43 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js?onload=CECj8&render=explicit
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8af4f7b8be032bf6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9b46c18d0769c78a7e889eb237606cb96b602061b39b4c1159a22a015b51df

Request headers

Referer
Origin
https://www.rewardwell.rest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:35 GMT
content-encoding
br
last-modified
Thu, 01 Aug 2024 13:51:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8af4f7943ebd366c-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
www.rewardwell.rest/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rewardwell.rest/favicon.ico
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 May 2024 23:51:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"66342716-57e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnDNEjn2YuPPFfra9diWpj1yWorn7jlaM%2BdSMgfMuxohi6wXQLVeJpfXbRwA8GLBLq%2BG%2BARa7QwFLvrCoiXd4KwlLK8vwDi7My1T%2FgdFFs3dhM1IPQtPLVYvo7rISpsGzDsh9f52"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8af4f7928a9c2bf6-FRA
alt-svc
h3=":443"; ma=86400
997eeb28-7830-4945-8cc7-bed34b164885
https://www.rewardwell.rest/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rewardwell.rest/997eeb28-7830-4945-8cc7-bed34b164885
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
favicon.ico
www.rewardwell.rest/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:46:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 May 2024 23:51:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"66342716-57e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnDNEjn2YuPPFfra9diWpj1yWorn7jlaM%2BdSMgfMuxohi6wXQLVeJpfXbRwA8GLBLq%2BG%2BARa7QwFLvrCoiXd4KwlLK8vwDi7My1T%2FgdFFs3dhM1IPQtPLVYvo7rISpsGzDsh9f52"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8af4f7928a9c2bf6-FRA
alt-svc
h3=":443"; ma=86400
c75d3375a2143cd
www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/flow/ov1/272417703:1723007487:2xzQasEUfwo7FcLcGtYUDKBb9vwsWG2lFUvtXTLWVQI/8af4f7b8be032bf6/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/flow/ov1/272417703:1723007487:2xzQasEUfwo7FcLcGtYUDKBb9vwsWG2lFUvtXTLWVQI/8af4f7b8be032bf6/c75d3375a2143cd
Requested by
Host: www.rewardwell.rest
URL: https://www.rewardwell.rest/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8af4f7b8be032bf6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d34dc22974a405452e2772e94cdbced9d0675e45610704dbd30c08899130a65

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
CF-Challenge
c75d3375a2143cd
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Aug 2024 05:46:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqPovwdh1Jncvk2bp50Tt5PpqRKw0Ky7Lc66aALsP86bPx3DTTTeizVf%2F%2B7ii2zNTswqqBO5KjKoAox%2F6qcTyPUGJ5kJZ9mJOM4hka003aDJPf5Umb0HdUMBz0LNCRYDBNNBh6I0"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8af4f7bb28642bf6-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
1rKxme/UNfOiG+t0/DrcadA1ZlneNeTopeGcUR7AHwxa7x/bp28uap3A8tDHpBFm7AhR/RPozQ==$hjIR/Hc+eyPQ3Jg3
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1f738/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 809D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1f738/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js?onload=CECj8&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8af4f7be8d539f26-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 05:46:42 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
64f0906f-b813-467d-8a65-9df4db1ecbe9
https://www.rewardwell.rest/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rewardwell.rest/64f0906f-b813-467d-8a65-9df4db1ecbe9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Referer
https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.rewardwell.rest
URL
https://www.rewardwell.rest/favicon.ico

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| CECj8 boolean| fhekl3 function| uFbqo3 function| scsw3 function| FiUB2 function| lxIY6 function| gGkvi2 function| woib5 object| BHvSj5 object| XtTJ3 object| GBym3 number| fTUf2 object| angular string| XtEf8 object| turnstile boolean| XgXVZ6 boolean| ksUH3

1 Cookies

Domain/Path Name / Value
www.rewardwell.rest/ Name: cf_chl_rc_ni
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.rewardwell.rest/clicks/bpage/offgrid.php?sid=1036770&h=qep1voftgrtca0nxrptzo_ebvoekr0az2qdjklztwbe/22qcg8k-himbgneqbnx-lpio42csv_rhsi3_ts_galfmdvb9mdtmqroh7vky0lgq
Message:
Failed to load resource: the server responded with a status of 403 ()