ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 45c44320445221beacf6cb407a7724b0
6123b952d3ee7cd14358b82305e95c73cba0d906
ce74ba8d47e2cf668b51f8394d3a99e83bf7056e819762e55287712b46a1299b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 30 May 2023 06:41:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 02:07:07 GMT
Expires: Mon, 05 Jun 2023 02:07:06 GMT
Etag: "6123b952d3ee7cd14358b82305e95c73cba0d906"
Cache-Control: max-age=502757,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cf4fe8c59ccb4ff-OSL
datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
37.48.68.71 2 B URL datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1593
Origin: https://cdntechone.com
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 30 May 2023 06:41:57 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
cdntechone.com/stattag.js
104.21.29.183200 OK 7.7 kB URL GET HTTP/2 cdntechone.com/stattag.js
IP 104.21.29.183:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17871)
Hash 0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 06:41:57 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Er9xCKPCIIB7APr2f9xtySa5MMWeAa7xKFsksreR8howGNgyb1sgf3fZv0b05Hi%2FsdtdlN7zgZljs5yhDTX23%2BMOBHSRNMHsvNZVmmjVTAx1Xk4o9%2BIgo%2FefrZGSzZaTgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf4fe8f79d7b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ
142.250.74.168200 OK 88 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ
IP 142.250.74.168:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (6408)
Hash 5c97ce2f80739979491c69241b6cb371
7ce3d84586187d750a13a253515ca695dcf5eb5c
f0c2ebb775ebcb7b0d48d7f4d9f5abbef2b652f36df6606bf04dce84c075b9c3
GET /gtag/js?id=G-F0JFDXF7TQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 May 2023 06:41:57 GMT
expires: Tue, 30 May 2023 06:41:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 06:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stootsou.net/zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_5833048&ymid=687266642864124049&var_3=
139.45.197.250200 OK 880 B URL GET HTTP/2 stootsou.net/zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_5833048&ymid=687266642864124049&var_3=
IP 139.45.197.250:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text, with very long lines (879)
Hash ee62be1e7ae4899da9044737dd07e635
ab6cd84336e9426ef98fa450f2288f195bc6d826
44287053ad37f51c2f6145d391db985e5876c57c67a111c452cdfff440db2d68
GET /zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_5833048&ymid=687266642864124049&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:57 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 05d7e12f72dd9b7f6a03cac35ca18b4e
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 23cafd2f23f997956352672f021ce6d1
732a931da2b75e53224cfa78c5ec91e7b3350532
6d0dd9e8cd03e2e41a8360321752df46523ac7463df5cbfff19961dbce3a8e6e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 30 May 2023 06:41:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 17:19:59 GMT
Expires: Sun, 04 Jun 2023 17:19:58 GMT
Etag: "732a931da2b75e53224cfa78c5ec91e7b3350532"
Cache-Control: max-age=470877,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cf4fe930a07b4ff-OSL
stootsou.net/pfe/current/universal.min.js?v=3.1.435
139.45.197.250200 OK 34 kB URL GET HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.435
IP 139.45.197.250:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 45c3e6baf2eaa5a150176ef10a606f42
a91ab9747fe1e36a9e5cea29aa79dbbbdc92734a
4426f5b8bc8293a403919c01d55c0db5fced8b8b65f23c171257e380a043d688
GET /pfe/current/universal.min.js?v=3.1.435 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:57 GMT
content-type: application/javascript
last-modified: Mon, 29 May 2023 10:02:24 GMT
etag: W/"64747830-19367"
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
i.th61.com/watch?zone=5776779&var=zd_5833048&ymid=687266642864124049&s=3
172.67.146.173 10 B URL POST i.th61.com/watch?zone=5776779&var=zd_5833048&ymid=687266642864124049&s=3
IP 172.67.146.173:0
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint80:B8:25:47:ED:82:D4:A7:46:25:E7:D0:EF:21:B6:EE:31:E1:D5:63
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash c9a9781ba3fb947a872fcb87001ad3ee
02bd1a27e4d29b307eda034441054d65848ea200
f54b952a5a360e360a67ee0816f576e8aaa89ff2a29e0f337f0104f0d4bd6a85
POST /watch?zone=5776779&var=zd_5833048&ymid=687266642864124049&s=3 HTTP/1.1
Host: i.th61.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Tue, 30 May 2023 06:41:58 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAexojF6ZJH%2FM8%2BHvOxlmQcQz%2B%2Bm3RfVCjkLp4QmefaGjwGTjFOtrqj5nrrCyJ%2BQf8GSyIdwV3P7Ug9benAkyhZwT%2FBzX9GXMPNRuBgFRNIuufIXyOIuAjhFrR0P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf4fe8fdc70b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=80512e47d6794d9e9f04b3935bda1be7
139.45.195.8 43 B URL my.rtmark.net/img.gif?f=merge&userId=80512e47d6794d9e9f04b3935bda1be7
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=80512e47d6794d9e9f04b3935bda1be7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://psaudous.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=80512e47d6794d9e9f04b3935bda1be7; expires=Wed, 29 May 2024 06:41:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
rewardarium.com/favicon.ico
188.114.96.1200 OK 10 kB URL GET HTTP/3 rewardarium.com/favicon.ico
IP 188.114.96.1:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2309)
Hash e49a31eaa46944c3f2d781d307247d5f
ba198681ce281d5ddd90169890ec75b6d3180f8a
75deff6af077a5a751629d516d50a7aaa7b35c34669ef4b2582d3a1af63b42bf
GET /favicon.ico HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
DNT: 1
Connection: keep-alive
Cookie: _ga_F0JFDXF7TQ=GS1.1.1685428917.1.0.1685428917.0.0.0; _ga=GA1.1.862081022.1685428918
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 06:41:58 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWjAmVeHwn4Czg3HCHqQHP8ngGMv8ZiC4prkF2gxFoxzjTaX0u0UxEL3sHersztr7FMzUnSuZkjjOKdOnK2WUhD0gm5IUL%2FHa4kJLHBeRmcER85dkKdJHtLbNWpurRFE%2FnI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 1077
server: cloudflare
cf-ray: 7cf4fe930a47b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type JSON data\012- , ASCII text
Hash 29451070eb68458578d814f1b1dc4600
4e2113858407609ead9e1afee0ae01c4aa87adec
cd618c1bc3efd1c888772a6f9fc8a31beb6c3279240f24ad33a21f8db4964bf7
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=792e084246324a0ba50688175ec95664; expires=Wed, 29 May 2024 06:41:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.64.132.2200 OK 6.9 kB IP 172.64.132.2:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerGoogle Trust Services LLC
Subject*.tzegilo.com
FingerprintDF:12:8C:B5:F2:22:D6:BE:72:F3:C6:9A:FA:DD:9E:1F:4E:58:63:1E
ValidityTue, 11 Apr 2023 10:11:54 GMT - Mon, 10 Jul 2023 10:11:53 GMT
File type ASCII text, with very long lines (17479), with no line terminators
Hash dd2f9f2bb1e1c74b905556d0a7bc5545
0c831c8c56da8167b9e2dfd1d3eb3288348da85d
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 06:41:58 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:59 GMT
etag: W/"646736cf-4447"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XClW2xvNvVbCHFTnJqISaLHGfYpW1UA%2BnZJmLhCSWG1OkHU4fQSjuXhZo16GDyp2PBYy2M8UG%2FHNKiLwCz3ZrxpzMSvOd5BHBYUh2eBFyjeVxEC0zX0TM%2BnUr04WXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf4fe93da2dd188-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 45c44320445221beacf6cb407a7724b0
6123b952d3ee7cd14358b82305e95c73cba0d906
ce74ba8d47e2cf668b51f8394d3a99e83bf7056e819762e55287712b46a1299b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 30 May 2023 06:41:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 02:07:07 GMT
Expires: Mon, 05 Jun 2023 02:07:06 GMT
Etag: "6123b952d3ee7cd14358b82305e95c73cba0d906"
Cache-Control: max-age=503054,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cf4fe943b5bb4ff-OSL
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 567
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b2230d4bee5f0cd2294cd5e9e28ee83d
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71 2 B URL datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1383
Origin: https://psaudous.com
DNT: 1
Connection: keep-alive
Referer: https://psaudous.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 30 May 2023 06:41:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://psaudous.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
rewardarium.com/sw.js
188.114.96.1200 OK 2.5 kB IP 188.114.96.1:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT
File type ASCII text, with very long lines (5235)
Hash 809c8f2863e519babd2dc405af277aa0
7a0f43bd8f81ef944627a6d83ced615d0eda962f
ecbb19ecba66133221ec0f3d6db1932b0507cc76f224b175768134f393e2033d
GET /sw.js HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
DNT: 1
Connection: keep-alive
Cookie: _ga_F0JFDXF7TQ=GS1.1.1685428917.1.0.1685428917.0.0.0; _ga=GA1.1.862081022.1685428918
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 06:41:58 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"ca2bad6cb20023661b53ea682a457ede"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siXrp5lmyxMZWi%2BsHvosFprxbQJMRVgKcM2XFSGU1Odi0hIoO8jnaQkKMbZBVFe%2F2SKLahHdWGvqbq45bxmTtCzfYffpLrreChsarwd7k%2BB1YhcDGddabpetOW%2B6kS8Y%2Bq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 1044
server: cloudflare
cf-ray: 7cf4fe93ab0db52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 879
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 973f3406dd6a5acb1a590a2a05770c8e
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash de11fbe3fa1006d7466bf3f2fc81030d
3216245cbcd618011604a31af25081fe3c125d8a
d01e4b9929d981417b592c1bd90d76193f374b58af548c573fa3491b3f33a826
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 616
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 2c932925320e5504854a8bf191d6cd4b
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
psaudous.com/?z=5776779&syncedCookie=true&rhd=false
139.45.197.239302 Found 0 B URL POST HTTP/2 psaudous.com/?z=5776779&syncedCookie=true&rhd=false
IP 139.45.197.239:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectpsaudous.com
Fingerprint74:1B:0B:1B:1B:A5:B9:16:B3:8D:1B:39:D1:7D:7D:00:8A:53:AB:D0
ValidityThu, 23 Mar 2023 05:13:48 GMT - Wed, 21 Jun 2023 05:13:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5776779&syncedCookie=true&rhd=false HTTP/1.1
Host: psaudous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 554
Origin: https://psaudous.com
DNT: 1
Connection: keep-alive
Referer: https://psaudous.com/afu.php?zoneid=5776779&var=5776779&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false
Cookie: OAID=80512e47d6794d9e9f04b3935bda1be7; oaidts=1685428917
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-length: 0
location: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
x-trace-id: e68f6ba0f196cff3bfa46623fe82c4b5
link: <https://www.mysexymatches.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://psaudous.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=80512e47d6794d9e9f04b3935bda1be7; expires=Wed, 29 May 2024 06:41:58 GMT; path=/; secure; SameSite=None
oaidts=1685428917; expires=Wed, 29 May 2024 06:41:58 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 06 Jun 2023 06:41:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
niwooghu.com/500/5776801?excludes=&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL OPTIONS HTTP/2 niwooghu.com/500/5776801?excludes=&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5776801?excludes=&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
104.22.33.172200 OK 14 kB URL GET HTTP/2 offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
IP 104.22.33.172:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 7d763937692f59aea0578ffe58c10ee0
b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b
2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620
GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 06:41:58 GMT
content-type: image/jpeg
content-length: 13778
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63888441-35d2"
expires: Tue, 30 May 2023 10:25:52 GMT
last-modified: Thu, 01 Dec 2022 10:38:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 72966
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf4fe972e7998f6-ARN
X-Firefox-Spdy: h2
niwooghu.com/500/5776801?excludes=&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 2.3 kB URL OPTIONS HTTP/2 niwooghu.com/500/5776801?excludes=&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1308)
Hash 4ef75af818bd5b766a985db8424a7b9c
90045ed669d3565c78dfbeb9e0bb3049abc11090
e700f67fa02e9db37dac95bda0889227d7200aea71b4200eaaa18776ff08d646
GET /500/5776801?excludes=&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Cookie: OAID=fad04ab09c4b4698862a229c15602e31
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-type: application/javascript
x-trace-id: 4b9c8e538d9ad71cdfddc4cc2744539f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://rewardarium.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=792e084246324a0ba50688175ec95664; expires=Wed, 29 May 2024 06:41:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/277419/1669995966/js/backoffer.js?1669995966
23.36.76.194200 OK 430 B URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277419/1669995966/js/backoffer.js?1669995966
IP 23.36.76.194:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (430), with no line terminators
Hash 6d5aa83d23ce0b9f72d3b87d000d8fae
034fb8768eb58ffc0b5849e2c162989741a6cbec
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800
GET /landings/277419/1669995966/js/backoffer.js?1669995966 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: v1f1Ns7fb7Q4cR2Ntee8ybeaybY18IfPH9BqwE0dAo018VonckiRUPfeBvuUVrbfV7OT2dETY8k=
x-amz-request-id: YXPPYDEP11K3TXZJ
Last-Modified: Fri, 02 Dec 2022 15:46:08 GMT
ETag: "6d5aa83d23ce0b9f72d3b87d000d8fae"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 430
Date: Tue, 30 May 2023 06:41:59 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277419/1669995966/js/secondofferv2.js?1669995966
23.36.76.194200 OK 454 B URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277419/1669995966/js/secondofferv2.js?1669995966
IP 23.36.76.194:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash 9bbe216b8e526fd98d219f2b91ccaa57
3f5d1be91ba58b6501c022155fe6778ce82b1663
1c83d2863f746a234e46c5578826ceeb8cbe126bc4c274ca679295441c44b948
GET /landings/277419/1669995966/js/secondofferv2.js?1669995966 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: xT1VfiD/gDu7mGS2SB+4fEAa7xPf3tUn5q0B+kr1Sn6JzaJm3G2pSjcldU0dUusQrkTB3yljSMc=
x-amz-request-id: YXPMHDVQP0FEF9C8
Last-Modified: Fri, 02 Dec 2022 15:46:09 GMT
ETag: "9bbe216b8e526fd98d219f2b91ccaa57"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 30 May 2023 06:41:59 GMT
Content-Length: 454
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277419/1669995966/js/MB_push_NEW.js?1669995966
23.36.76.194200 OK 671 B URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277419/1669995966/js/MB_push_NEW.js?1669995966
IP 23.36.76.194:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 533a9cb9c41907529c3d603edb25d5d9
222bee472465971cf71bfa210d04136eb765ccc0
45d257677164ebc2c1fd4ff44b4ee5a1ce9c87682f165836a3e38113d1e09eaf
GET /landings/277419/1669995966/js/MB_push_NEW.js?1669995966 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: RCvhgqsVseFmfOXEnKcVyncLyjtIYNVqpZ/z9pJWd1fKjKPSySK/XYR9gYQ7bawk+9MXb9U41pw=
x-amz-request-id: 3N3F0T1ZDTHRAQZC
Last-Modified: Fri, 02 Dec 2022 15:46:09 GMT
ETag: "533a9cb9c41907529c3d603edb25d5d9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 671
Date: Tue, 30 May 2023 06:41:59 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277419/1669995966/js/main.js?1669995966
23.36.76.194200 OK 40 kB URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277419/1669995966/js/main.js?1669995966
IP 23.36.76.194:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (568), with CRLF line terminators
Hash a0f4da40bd81c65d824afc106743d47f
55b2d4c57fdb017314f62ac2fe8a3e287dcadf7f
e40e7cc368c897d6a3a5095fae6ccd6d9a3f88af5ef9c590f79b9fd22293ad10
GET /landings/277419/1669995966/js/main.js?1669995966 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: f+QX96vu+ApDvIrT4YH3Pyrk61kjWPQIIMeKbfQF6nz+0w0be+Npchhi1miy2Nc9CT7ymeeejGQ=
x-amz-request-id: 3N3CJF20S2DP1V3Q
Last-Modified: Fri, 02 Dec 2022 15:46:08 GMT
ETag: "a0f4da40bd81c65d824afc106743d47f"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 30 May 2023 06:41:59 GMT
Content-Length: 40511
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277419/1669995966/js/jquery.min.js?1669995966
23.36.76.194200 OK 30 kB URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277419/1669995966/js/jquery.min.js?1669995966
IP 23.36.76.194:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /landings/277419/1669995966/js/jquery.min.js?1669995966 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 1tdB4q9dfEQd1bC2mMotNqHRjbCEGQ0QDcnXBc8wgZ/gJd828utRw69oHtptMEmurgXovUOoufU=
x-amz-request-id: 3N39SVF38SJ7N63Y
Last-Modified: Fri, 02 Dec 2022 15:46:08 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 30 May 2023 06:41:59 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/277419/1669995966/images/bg.gif
23.36.76.194200 OK 3.0 MB URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277419/1669995966/images/bg.gif
IP 23.36.76.194:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type GIF image data, version 89a, 403 x 655\012- data
Size 3.0 MB (3015268 bytes)
Hash 49a2459c98974c49e78e4838a8a91020
3878cc447715455a199246de7621930bb94c0671
f27c1915d07f59b1040092c6eb696a4e450b3e70ab4988234c9c5911d3b07aef
GET /landings/277419/1669995966/images/bg.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/277419/1669995966/css/stylesheet.css?1669995966
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: dqtHzzMTHxoqMqy5ok0cr6i0XG3miiPWIrtYO3x5nFs+znKJ/KDBo/Xj41Rdn7xfILmb3eKnrE4=
x-amz-request-id: 7P31F2ZV9F2FJ8SM
Last-Modified: Fri, 02 Dec 2022 15:46:08 GMT
ETag: "49a2459c98974c49e78e4838a8a91020"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 3015268
Date: Tue, 30 May 2023 06:41:59 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ
142.250.74.168200 OK 56 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ
IP 142.250.74.168:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (4691)
Hash 7d2c3f970d4bddebc9e8faf3f33569eb
7e5bbed9e4eeb4988371b3d6a91f09e41d59086c
9894f63968748e8ab2570989cba41fb808d8766b0e9d0a1c844686b9a93ee120
GET /gtm.js?id=GTM-MLVPDTJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 May 2023 06:41:59 GMT
expires: Tue, 30 May 2023 06:41:59 GMT
cache-control: private, max-age=900
last-modified: Tue, 30 May 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 06:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
52.17.88.125200 OK 13 kB URL GET HTTP/2 www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
IP 52.17.88.125:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT
File type C source, ASCII text, with very long lines (44936)
Hash f95d529ac29ecfc9abaa172aa8e2d0bc
eda6157e0be24b665ccae4a244c99f4254426d74
94c63ede08073f00dffc5e9cbf4f1237428765c048082cbe73e857862e96015f
Analyzer Verdict Alert fortinet Phishing
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Cookie: unique_id=64759ab60005cb9b; unique_id2=64759ab60005d67c; 64759ab60005d67c_sl=[277419]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:59 GMT
content-type: application/javascript
expires: Tue, 06 Jun 2023 06:41:59 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 06:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
52.17.88.125200 OK 10 kB URL GET HTTP/2 www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
IP 52.17.88.125:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (29167)
Hash 4c86b972eff20c3bf5fa039f23cb9a82
2e66741959e532954f3ab81389cbb030593e0cb6
a78389532a519309ea265ae1de98a6ce05121646654645d9a03ffd80b8e3b4b9
GET /c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779 HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:58 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=64759ab60005cb9b; Path=/; Expires=Sat, 29 Jul 2023 06:41:58 GMT; Secure; SameSite=None
unique_id2=64759ab60005d67c; Path=/; Expires=Mon, 28 Aug 2023 06:41:58 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 30 May 2023 06:41:58 GMT; Secure; SameSite=None
64759ab60005d67c_sl=[277419]; Path=/; Expires=Tue, 13 Jun 2023 06:41:58 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 06:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6>mcb=408307589
95.211.229.247200 OK 20 B URL GET HTTP/1.1 s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6>mcb=408307589
IP 95.211.229.247:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerLet's Encrypt
Subjectexv6.com
Fingerprint95:DF:82:34:08:E0:F8:A7:24:C5:64:DB:75:CB:C7:E5:8D:E1:4D:6E
ValidityTue, 09 May 2023 12:39:36 GMT - Mon, 07 Aug 2023 12:39:35 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6>mcb=408307589 HTTP/1.1
Host: s.exv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 May 2023 06:41:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-05-30%22%3B%7D%7D; expires=Wed, 29 May 2024 06:41:59 GMT; path=/; domain=.exv6.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
niwooghu.com/impression/PFLvYmrsg-VK3AJzY57YDcOi3WbMYjXtTHaKThCHTPPD9pXxesFyF6z5SM-X4hnmokiflkTm6tyyDrHamWkKuIgddivUjWPmFS3dMIhe7sPG9549wtT5saX1hSU4zikPQel3836BX-XcMptI_TMiQU1ISz8yeXREqOmncYhJRsmpR56bmoHVVo2vCaL0ZDS9BqlyQrmTH6muI_4liG8n41NY4vif1zHwUcU7yd0xmXRbbgvX2gTKbw86nP4LZWkH0Sd2eqSFWns_vmPCnJFXvxpZfApL_0_1N4BtqU3dm6YQq4uTkcHKeXPjqSRG0CxkayYUguu5xe3mbn3wmyz3fBrloyRmVrFFNhaTk34vDxdaH0FewdluQW_y3K-JW_owHwrj1FVivvN2usiHXKcQGa8lVRWCQa-VlHQo5JpTRHmwxQbrrneKt4T4MLdP4R5p-4NPF6yihvhGZLHqjGXQt_3jgxUn-kz2TeKIZAmj5Zx0FzvFRq_esqO-5yjR-_yzAmAF1MmexLRRhcQGz5xs6eUVOlw3Ae9auUaCb3lOpCFinM6xDTx_yq_brf0AXGpVSXMasCvX-Br1UyODmLLpQiyHP-67d9Ff3CQARhwkJnvGezW44YxOnHEk9LbZs37S?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL GET HTTP/2 niwooghu.com/impression/PFLvYmrsg-VK3AJzY57YDcOi3WbMYjXtTHaKThCHTPPD9pXxesFyF6z5SM-X4hnmokiflkTm6tyyDrHamWkKuIgddivUjWPmFS3dMIhe7sPG9549wtT5saX1hSU4zikPQel3836BX-XcMptI_TMiQU1ISz8yeXREqOmncYhJRsmpR56bmoHVVo2vCaL0ZDS9BqlyQrmTH6muI_4liG8n41NY4vif1zHwUcU7yd0xmXRbbgvX2gTKbw86nP4LZWkH0Sd2eqSFWns_vmPCnJFXvxpZfApL_0_1N4BtqU3dm6YQq4uTkcHKeXPjqSRG0CxkayYUguu5xe3mbn3wmyz3fBrloyRmVrFFNhaTk34vDxdaH0FewdluQW_y3K-JW_owHwrj1FVivvN2usiHXKcQGa8lVRWCQa-VlHQo5JpTRHmwxQbrrneKt4T4MLdP4R5p-4NPF6yihvhGZLHqjGXQt_3jgxUn-kz2TeKIZAmj5Zx0FzvFRq_esqO-5yjR-_yzAmAF1MmexLRRhcQGz5xs6eUVOlw3Ae9auUaCb3lOpCFinM6xDTx_yq_brf0AXGpVSXMasCvX-Br1UyODmLLpQiyHP-67d9Ff3CQARhwkJnvGezW44YxOnHEk9LbZs37S?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/PFLvYmrsg-VK3AJzY57YDcOi3WbMYjXtTHaKThCHTPPD9pXxesFyF6z5SM-X4hnmokiflkTm6tyyDrHamWkKuIgddivUjWPmFS3dMIhe7sPG9549wtT5saX1hSU4zikPQel3836BX-XcMptI_TMiQU1ISz8yeXREqOmncYhJRsmpR56bmoHVVo2vCaL0ZDS9BqlyQrmTH6muI_4liG8n41NY4vif1zHwUcU7yd0xmXRbbgvX2gTKbw86nP4LZWkH0Sd2eqSFWns_vmPCnJFXvxpZfApL_0_1N4BtqU3dm6YQq4uTkcHKeXPjqSRG0CxkayYUguu5xe3mbn3wmyz3fBrloyRmVrFFNhaTk34vDxdaH0FewdluQW_y3K-JW_owHwrj1FVivvN2usiHXKcQGa8lVRWCQa-VlHQo5JpTRHmwxQbrrneKt4T4MLdP4R5p-4NPF6yihvhGZLHqjGXQt_3jgxUn-kz2TeKIZAmj5Zx0FzvFRq_esqO-5yjR-_yzAmAF1MmexLRRhcQGz5xs6eUVOlw3Ae9auUaCb3lOpCFinM6xDTx_yq_brf0AXGpVSXMasCvX-Br1UyODmLLpQiyHP-67d9Ff3CQARhwkJnvGezW44YxOnHEk9LbZs37S?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Cookie: OAID=792e084246324a0ba50688175ec95664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:42:00 GMT
content-type: image/gif
content-length: 43
x-trace-id: 02c0356f42c4ef75d2b2dc729b999059
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
niwooghu.com/500/5776801?excludes=16368912&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL OPTIONS HTTP/2 niwooghu.com/500/5776801?excludes=16368912&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5776801?excludes=16368912&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:42:00 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
niwooghu.com/500/5776801?excludes=16368912&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 12 kB URL OPTIONS HTTP/2 niwooghu.com/500/5776801?excludes=16368912&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 855dcbf6fc7bd137f5141946980f8210
3c7162c56b82a2ae333bc53fec410d9493465fda
d8c14d6663ed63a70fea8a217c6419d3682537e1fff26b8ef99aba7f0ff97672
GET /500/5776801?excludes=16368912&oaid=792e084246324a0ba50688175ec95664&var=zd_5833048&ymid=687266642864124049&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Cookie: OAID=792e084246324a0ba50688175ec95664
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:42:00 GMT
content-type: application/javascript
x-trace-id: 3681cf503dca817b1fa16dae4aab452a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://rewardarium.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=792e084246324a0ba50688175ec95664; expires=Wed, 29 May 2024 06:42:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
104.22.33.172200 OK 14 kB URL GET HTTP/2 offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
IP 104.22.33.172:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 7d763937692f59aea0578ffe58c10ee0
b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b
2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620
GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 May 2023 06:42:00 GMT
content-type: image/jpeg
content-length: 13778
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63888441-35d2"
expires: Tue, 30 May 2023 10:25:52 GMT
last-modified: Thu, 01 Dec 2022 10:38:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 72968
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf4fea2081998f6-ARN
X-Firefox-Spdy: h2
niwooghu.com/impression/HSMo4LXo4Ty5QBtTU-tsnk5XARQf_FfFbQsEv2N5hOkuV8Bw4KpSp723kb7MFcaZVzfwGWPlJqeemVtTNDTZByKt6ZkfdhJCXhv_4WRUGfgUTwzSEPabhc9TvV50lB_GfIyBWwHqzKjXh4vE83hsZD43an0vobOmTtJca6xaDvmKtl0MhLLNQIoIrw4wE1AIl_7JZjZQ5LZLkVf0H9mNsvlOfP-CScfj9s1ofcMBCDfgJSOceBI6jVeoXU9h5Q6Yqwadgovjjl5mzYpuKorrwtbzoNex7IOGA0bnSOGQInIv-x1_HjKMQVO6Z4xgp19mvjSHEH9eqRsDYjHxRs9pcgtwYwmkZsbp-wnoeP8XS3ThH1L7TNel9xOhacvxCF0hNQIzqASehf9A1h001fiSUWHiw6wyW88O96xBkED7Zy5Jk2u9raUx7bZvaffq1gALPHbYf781sg-qHBGatP-yXb2STZncZErjB1wFfaJPcK9EHzjjNH_ZQmt6aGXOIymOLEIIRgB0YS1XPNBP4_x7NfAs6cCUUPAB9jiYxgxQbkUjFAa-HCs_C7q8aoBAFfx5JPca_XFbNmRS2DAKMp2LicVSlOqCTf4cLeg3CKuEz6FUb4dlxbEa80yssy-03ehg?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL GET HTTP/2 niwooghu.com/impression/HSMo4LXo4Ty5QBtTU-tsnk5XARQf_FfFbQsEv2N5hOkuV8Bw4KpSp723kb7MFcaZVzfwGWPlJqeemVtTNDTZByKt6ZkfdhJCXhv_4WRUGfgUTwzSEPabhc9TvV50lB_GfIyBWwHqzKjXh4vE83hsZD43an0vobOmTtJca6xaDvmKtl0MhLLNQIoIrw4wE1AIl_7JZjZQ5LZLkVf0H9mNsvlOfP-CScfj9s1ofcMBCDfgJSOceBI6jVeoXU9h5Q6Yqwadgovjjl5mzYpuKorrwtbzoNex7IOGA0bnSOGQInIv-x1_HjKMQVO6Z4xgp19mvjSHEH9eqRsDYjHxRs9pcgtwYwmkZsbp-wnoeP8XS3ThH1L7TNel9xOhacvxCF0hNQIzqASehf9A1h001fiSUWHiw6wyW88O96xBkED7Zy5Jk2u9raUx7bZvaffq1gALPHbYf781sg-qHBGatP-yXb2STZncZErjB1wFfaJPcK9EHzjjNH_ZQmt6aGXOIymOLEIIRgB0YS1XPNBP4_x7NfAs6cCUUPAB9jiYxgxQbkUjFAa-HCs_C7q8aoBAFfx5JPca_XFbNmRS2DAKMp2LicVSlOqCTf4cLeg3CKuEz6FUb4dlxbEa80yssy-03ehg?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/HSMo4LXo4Ty5QBtTU-tsnk5XARQf_FfFbQsEv2N5hOkuV8Bw4KpSp723kb7MFcaZVzfwGWPlJqeemVtTNDTZByKt6ZkfdhJCXhv_4WRUGfgUTwzSEPabhc9TvV50lB_GfIyBWwHqzKjXh4vE83hsZD43an0vobOmTtJca6xaDvmKtl0MhLLNQIoIrw4wE1AIl_7JZjZQ5LZLkVf0H9mNsvlOfP-CScfj9s1ofcMBCDfgJSOceBI6jVeoXU9h5Q6Yqwadgovjjl5mzYpuKorrwtbzoNex7IOGA0bnSOGQInIv-x1_HjKMQVO6Z4xgp19mvjSHEH9eqRsDYjHxRs9pcgtwYwmkZsbp-wnoeP8XS3ThH1L7TNel9xOhacvxCF0hNQIzqASehf9A1h001fiSUWHiw6wyW88O96xBkED7Zy5Jk2u9raUx7bZvaffq1gALPHbYf781sg-qHBGatP-yXb2STZncZErjB1wFfaJPcK9EHzjjNH_ZQmt6aGXOIymOLEIIRgB0YS1XPNBP4_x7NfAs6cCUUPAB9jiYxgxQbkUjFAa-HCs_C7q8aoBAFfx5JPca_XFbNmRS2DAKMp2LicVSlOqCTf4cLeg3CKuEz6FUb4dlxbEa80yssy-03ehg?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5833048%26ar%3D1%26pb%3D3%26ymid%3D687266642864124049%26source%3D726858ccd4%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Cookie: OAID=792e084246324a0ba50688175ec95664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:42:03 GMT
content-type: image/gif
content-length: 43
x-trace-id: 50e5c893ac0bcb6f11534d32c910a567
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
104.22.33.172200 OK 11 kB URL GET HTTP/2 offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP 104.22.33.172:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263
GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 May 2023 06:42:03 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Tue, 30 May 2023 06:46:15 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 86148
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf4feb4cf8398f6-ARN
X-Firefox-Spdy: h2
www.mysexymatches.com/js/pushjs/1.0.0/utils.js
52.17.88.125200 OK 7.1 kB URL GET HTTP/2 www.mysexymatches.com/js/pushjs/1.0.0/utils.js
IP 52.17.88.125:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT
File type C source, ASCII text, with very long lines (7334), with no line terminators
Hash 7df62062a027cd25d5a179c520f38668
0ddaa8cd9090908d987e0299cef74fbf7f118738
cdf93aff990bae251f609ef00d7d2bdbb56a35f003c7184ba067b5948629faa3
Analyzer Verdict Alert fortinet Phishing
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Cookie: unique_id=64759ab60005cb9b; unique_id2=64759ab60005d67c; 64759ab60005d67c_sl=[277419]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:59 GMT
content-type: application/javascript
expires: Tue, 06 Jun 2023 06:41:59 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
psaudous.com/4/5776779/?ymid=687266642864124049&var=zd_5833048&var3=726858ccd4
139.45.197.239200 OK 27 kB URL GET HTTP/2 psaudous.com/4/5776779/?ymid=687266642864124049&var=zd_5833048&var3=726858ccd4
IP 139.45.197.239:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectpsaudous.com
Fingerprint74:1B:0B:1B:1B:A5:B9:16:B3:8D:1B:39:D1:7D:7D:00:8A:53:AB:D0
ValidityThu, 23 Mar 2023 05:13:48 GMT - Wed, 21 Jun 2023 05:13:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17913)
Hash f112ec2102fec5af17cea9cdbf6a10f7
54b39e690663a041f488e5a201fd289a8f17fd15
ead69a1daa503a9f651021f5b24e7ce610b9ed72964ce97d490430d43d368cb2
GET /4/5776779/?ymid=687266642864124049&var=zd_5833048&var3=726858ccd4 HTTP/1.1
Host: psaudous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:57 GMT
content-type: text/html; charset=utf8
x-trace-id: e878e7a90e572bc8db74265daac48d6e
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=80512e47d6794d9e9f04b3935bda1be7; expires=Wed, 29 May 2024 06:41:57 GMT; path=/; secure; SameSite=None
oaidts=1685428917; expires=Wed, 29 May 2024 06:41:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rewardarium.com/lightning.svg
188.114.96.1200 OK 558 B URL GET HTTP/3 rewardarium.com/lightning.svg
IP 188.114.96.1:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (603), with no line terminators
Hash 9c0ef0f4019464092e924742904d75ea
33ed4dae960a9bfc33b63882d39e47ec431ec46d
2b810d0b2fb0339bca96276a4646b209804b992d8dbffb6e0d62651e48d97e83
GET /lightning.svg HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 06:41:57 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"9cbec3ef22e57179a0901d90b7b6e2fd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpQpBOFvDdK%2BoTU1VOGw4MJcVcW0ADzCZvxq6lrZXi3NbUQshNi8Ws0G2vDf%2BzSYkZtmHSOJbpZLXlM2I%2BE7FLYkXA9q6a%2FwLIaKpiW7R2fhsJ%2B25gwQKXTzbxRad997NKJGXrmiqMxerEFWjZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 2858
server: cloudflare
cf-ray: 7cf4fe8f5d81b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
niwooghu.com/400/5776801?ymid=687266642864124049&var=zd_5833048&var3=726858ccd4
139.45.197.237200 OK 83 kB URL GET HTTP/2 niwooghu.com/400/5776801?ymid=687266642864124049&var=zd_5833048&var3=726858ccd4
IP 139.45.197.237:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2cced34f24f0bb19b8ca416fbeb9086f
aae277cfe0a2098cf2fc3a4d565beb8f986af338
f6a834eeff2358a5771e7c724ad3c0e5b221c01757a095df2cbfd0d16b74eb95
GET /400/5776801?ymid=687266642864124049&var=zd_5833048&var3=726858ccd4 HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:57 GMT
content-type: application/javascript
x-trace-id: 5702408a45baa4a4582407869bbc5256
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=fad04ab09c4b4698862a229c15602e31; expires=Wed, 29 May 2024 06:41:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.99200 OK 36 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.99:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (35547)
Hash 0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 13:53:37 GMT
expires: Sun, 26 May 2024 13:53:37 GMT
cache-control: public, max-age=31536000
age: 233302
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=687266642864124049&var=zd_5833048&var3=726858ccd4
139.45.197.250200 OK 15 kB URL GET HTTP/2 stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=687266642864124049&var=zd_5833048&var3=726858ccd4
IP 139.45.197.250:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT
File type C source, ASCII text, with very long lines (14679), with no line terminators
Hash 83f6e56a3b901fac2707ecccf0965f09
995200921efdbeb113f3ef2673940ddb67ea1c43
cecd92849ee17cc9ac45fca3d6219454f117ad03bbc4c94d76297c482448c0f3
GET /pfe/current/tag.min.js?z=5776812&ymid=687266642864124049&var=zd_5833048&var3=726858ccd4 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 06:41:57 GMT
content-type: application/javascript
last-modified: Mon, 29 May 2023 10:02:24 GMT
etag: W/"64747830-3957"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9
139.45.195.253200 OK 12 B URL POST HTTP/1.1 datatechonert.com/log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9
IP 139.45.195.253:443
Requested by https://rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate IssuerSectigo Limited
Subjectdatatechonert.com
Fingerprint6F:17:15:C2:7F:CC:16:6C:9D:C0:AD:C3:EE:DA:69:61:8C:77:0B:5B
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1465
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 30 May 2023 06:41:58 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://rewardarium.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
188.114.96.1200 OK 27 kB URL User Request GET HTTP/2 rewardarium.com/?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
IP 188.114.96.1:443
Certificate IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?var=zd_5833048&ar=1&pb=3&ymid=687266642864124049&source=726858ccd4&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357 HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 06:41:57 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NqJI8cvEEXZrqZcwulhPmHfxydBvgWKPFrKIbnZ7ZQL7TfG2Aac88dsZ8NPd71YEJnKNb2sKQaU2BwFykJEdsFW%2F1qp9qvyEJ8u9USsRlXYYrZ%2BISiXKi1zxwElGezBjzY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cf4fe8dffe21bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.99200 OK 25 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.99:443
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (25088)
Hash 9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 20:32:50 GMT
expires: Sun, 26 May 2024 20:32:50 GMT
cache-control: public, max-age=31536000
age: 209349
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/277419/1669995966/css/stylesheet.css?1669995966
23.36.76.194200 OK 3.7 kB URL GET HTTP/1.1 cdn-adef.akamaized.net/landings/277419/1669995966/css/stylesheet.css?1669995966
IP 23.36.76.194:443
ASN #20940 Akamai International B.V.
Requested by https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (3923), with no line terminators
Hash 50a838000340c3c4a66e6c943b7f88d4
68d2cda8bb2182116c596cb4a32e68fef8326d77
b05d0dc5a468ee260dae347ee653f186da777545ba738c2be8065b145170ea8c
GET /landings/277419/1669995966/css/stylesheet.css?1669995966 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 8+Ko1lb4bEGjQFtc0vUOloHz9qE5GWEeW5qyEH/3I1tNo6wyPeMxwj9NR1J0MaoTioNl77ksxwM=
x-amz-request-id: F34EQHW776AA2E3S
Last-Modified: Fri, 02 Dec 2022 15:46:08 GMT
ETag: "8196a9f7321975d3b06574de1095f7b8"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 30 May 2023 06:41:59 GMT
Content-Length: 1266
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"