Report - cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5945406&axcusid1=&clid={ymid}&r=https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret={var_4}&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357

Report Overview

Submitted URL
cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5945406&axcusid1=&clid={ymid}&r=https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret={var_4}&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-01 02:45:26
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s.exv6.com	unknown	2021-07-21	2022-03-16	2023-05-31	476 B	433 B	95.211.229.246
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-05-31	427 B	746 B	139.45.195.8
tzegilo.com	unknown	2022-01-14	2022-01-14	2023-06-01	398 B	7.7 kB	104.21.0.191
niwooghu.com	unknown	2022-04-01	2022-04-01	2023-05-31	6.4 kB	37 kB	139.45.197.237
rewardarium.com	unknown	2023-04-05	2023-04-06	2023-05-31	2.5 kB	61 kB	188.114.97.1
cdn-adef.akamaized.net	125719	2014-03-18	2018-02-06	2023-06-01	3.3 kB	1.3 MB	23.36.76.194
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-31	866 B	146 kB	142.250.74.168
www.mysexymatches.com	unknown	2022-02-14	2022-04-23	2023-05-31	1.7 kB	20 kB	52.17.88.125
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-31	866 B	20 kB	142.250.74.35
i.th61.com	unknown	2013-11-07	2023-04-06	2023-05-31	457 B	588 B	172.67.146.173
cdntechone.com	64371	2021-12-24	2021-12-24	2023-05-31	403 B	19 kB	188.114.97.1
datatechone.com	unknown	2021-12-24	2015-06-17	2023-05-31	530 B	465 B	37.48.68.71
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-31	1.7 kB	3.5 kB	142.250.74.131
stootsou.net	145219	2021-04-03	2021-04-05	2023-05-31	2.9 kB	121 kB	139.45.197.250
psaudous.com	unknown	2021-04-01	2021-04-30	2023-05-31	1.3 kB	14 kB	139.45.197.239
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-31	990 B	2.9 kB	104.18.15.101
datatechonert.com	46154	2021-12-24	2021-12-24	2023-06-01	534 B	483 B	37.48.68.71
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2023-05-31	496 B	537 B	139.45.197.250
offerimage.com	304078	2019-06-10	2019-06-10	2023-05-31	1.8 kB	50 kB	172.67.22.216

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-31	medium	amunfezanttor.com

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	cdn-adef.akamaized.net/landings/277423/1669996037/js/backoffer.js?1669996037	430 B	2023-03-07	2024-04-18
Pretty URL cdn-adef.akamaized.net/landings/277423/1669996037/js/backoffer.js?1669996037 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-18 09:54:54 Times Seen5794 Hash 6d5aa83d23ce0b9f72d3b87d000d8fae 034fb8768eb58ffc0b5849e2c162989741a6cbec 89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800 Loading...

	www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js	9.4 kB	2023-05-23	2023-07-25
Pretty URL www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 13:07:49 Last Seen2023-07-25 20:18:06 Times Seen1187 Hash 9a76092417bab7e2f25aac9bb01c6a91 07158fa1c2bd1f320b4401b1a535430afe66655a 788a5bacebaac190a447e071de8c171e7f8baa55be95df07621b24ea4fb667a2 Loading...

	rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357	16 kB	2023-05-31	2023-06-14
Pretty URL rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 18:02:07 Last Seen2023-06-14 02:13:50 Times Seen29 Hash bcb0fd5d4a78b8eb2e9f0861f8ab43c7 70b4271903244e5d2928eecefdcfbb7b7f853547 cf3abfdcc23daf604eab7ed4b127311c54482c76e888a5850f0b433ddbf0c3d2 Loading...

	rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357	844 B	2023-05-10	2024-02-04
Pretty URL rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 22:17:03 Last Seen2024-02-04 18:18:02 Times Seen184 Hash da83f3f67e1427b1b2912ec051d442ac 19b98e18b4d7551cb78786195b0ac3f13d44655f d8fefe93838b19fd7c382e7e94adfc981e4176ae5ea94ee2a0a90cfc3ac58d1a Loading...

	cdn-adef.akamaized.net/landings/277423/1669996037/js/jquery.min.js?1669996037	86 kB	2023-03-07	2024-04-19
Pretty URL cdn-adef.akamaized.net/landings/277423/1669996037/js/jquery.min.js?1669996037 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 18:06:17 Times Seen380150 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	cdn-adef.akamaized.net/landings/277423/1669996037/js/MB_push_NEW.js?1669996037	671 B	2023-03-07	2024-01-22
Pretty URL cdn-adef.akamaized.net/landings/277423/1669996037/js/MB_push_NEW.js?1669996037 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-01-22 06:10:19 Times Seen3706 Hash 533a9cb9c41907529c3d603edb25d5d9 222bee472465971cf71bfa210d04136eb765ccc0 45d257677164ebc2c1fd4ff44b4ee5a1ce9c87682f165836a3e38113d1e09eaf Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ	153 kB	2023-06-01	2023-06-01
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 04:42:58 Last Seen2023-06-01 05:20:01 Times Seen8 Hash de47b8a3f51325f0d8e702ec3ebdd3ca c07fa0e867a8c15586c33bb272cc2a12511eb1aa cdde3b94b5dfea7dc7f64db07daf3a96711bcb8d5a6e7b1de081c838d8a3cec3 Loading...

	rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357	190 B	2023-05-10	2024-02-04
Pretty URL rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 22:17:03 Last Seen2024-02-04 18:18:02 Times Seen184 Hash da008c9bc760ff0122c71b55fc16c512 a07ba07634f6a8f6a937e90b34d8440876396832 30a4bff1b5332bdf1f3c643ba78d60626589944b9f94a6a444ddce76b37cc176 Loading...

	www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ	263 kB	2023-06-01	2023-06-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 03:11:13 Last Seen2023-06-01 04:45:27 Times Seen4 Hash 9837f3b8d2d7760deb9bb7c480cf6f8f 7fb161a398b0128c429ab126653dcc20b2b97873 a7982febac92b050e2fb8703e8da16c1418f55e29833df657c89f1e5707be4ed Loading...

	niwooghu.com/400/5776801?ymid=687965663505159039&var=zd_5945406&var3=	83 kB	2023-06-01	2023-06-01
Pretty URL niwooghu.com/400/5776801?ymid=687965663505159039&var=zd_5945406&var3= IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 04:45:27 Last Seen2023-06-01 04:45:27 Times Seen1 Hash 7d9d4d2fc90d6820197efd012443c8a9 9d3be8c8c8c0d8499604ed95416ee0751550d548 763d17ade47b9929b3342324660d48d1f924a3085fb45ca1910e2c9b28e49ae4 Loading...

	tzegilo.com/stattag.js	18 kB	2023-05-22	2023-09-06
Pretty URL tzegilo.com/stattag.js IP 104.21.0.191 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 16:37:35 Last Seen2023-09-06 23:37:01 Times Seen3156 Hash dd2f9f2bb1e1c74b905556d0a7bc5545 0c831c8c56da8167b9e2dfd1d3eb3288348da85d 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663 Loading...

	rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357	390 B	2023-05-10	2024-02-04
Pretty URL rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 22:17:03 Last Seen2024-02-04 18:18:02 Times Seen184 Hash cbf570f04431e4be78453c93dfc41729 27c7be0bb145ff5f85be32107b1be536983e7356 43649afdd5bdc0df08cdea23986fa0a7b2c1e2da389ec9715fc38b72dc9d1dbf Loading...

	stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=687965663505159039&var=zd_5945406&var3=	15 kB	2023-05-30	2023-06-02
Pretty URL stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=687965663505159039&var=zd_5945406&var3= IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 15:15:49 Last Seen2023-06-02 10:49:34 Times Seen154 Hash dd1bd926c9d267f953b3631fa55c8597 1a37cc25c5dbeb4edd216419587df4c3f270adf0 6e021b2b21122242fa40175b8df6316a9386aa36454efd2c234e891258003d27 Loading...

	www.mysexymatches.com/js/pushjs/1.0.0/utils.js	7.1 kB	2023-03-07	2024-04-19
Pretty URL www.mysexymatches.com/js/pushjs/1.0.0/utils.js IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 12:29:50 Times Seen4795 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	36 kB	2023-03-07	2024-04-19
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-19 12:29:50 Times Seen11062 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	25 kB	2023-03-07	2024-04-19
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-19 12:29:50 Times Seen10986 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	cdn-adef.akamaized.net/landings/277423/1669996037/js/main.js?1669996037	164 kB	2023-03-07	2024-03-15
Pretty URL cdn-adef.akamaized.net/landings/277423/1669996037/js/main.js?1669996037 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-03-15 03:06:38 Times Seen3928 Hash a0f4da40bd81c65d824afc106743d47f 55b2d4c57fdb017314f62ac2fe8a3e287dcadf7f e40e7cc368c897d6a3a5095fae6ccd6d9a3f88af5ef9c590f79b9fd22293ad10 Loading...

	cdn-adef.akamaized.net/landings/277423/1669996037/js/secondofferv2.js?1669996037	1.2 kB	2023-03-07	2024-01-22
Pretty URL cdn-adef.akamaized.net/landings/277423/1669996037/js/secondofferv2.js?1669996037 IP 23.36.76.194 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-01-22 06:10:19 Times Seen3749 Hash 9bbe216b8e526fd98d219f2b91ccaa57 3f5d1be91ba58b6501c022155fe6778ce82b1663 1c83d2863f746a234e46c5578826ceeb8cbe126bc4c274ca679295441c44b948 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js	2.3 kB	2023-05-05	2024-04-19
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-04-19 12:29:50 Times Seen9684 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	rewardarium.com/sandbox%20eval%20code	123 B	2023-05-05	2024-04-19
Pretty URL rewardarium.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-04-19 12:29:50 Times Seen7404 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

	unknown	1.8 kB	2023-03-07	2024-01-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-01-22 06:10:19 Times Seen1898 Hash f635f3356b851f81cd3544c628a404d7 1e5b2e303492351cb8e8de3c5569d69d005acce4 2d39b7df8163f76195f1f28e837d34a8de00f146db22be3ea3b91c925ea044fd Loading...

	cdntechone.com/stattag.js	18 kB	2023-05-22	2023-09-07
Pretty URL cdntechone.com/stattag.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 16:28:01 Last Seen2023-09-07 08:45:40 Times Seen4488 Hash 0fdff67feab23cc69ecfb6800fc54cb7 eb84c650e6d27e290795207b1f37dd7b67f2aa06 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378 Loading...

	www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779	391 B	2023-04-05	2024-01-22
Pretty URL www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 09:54:56 Last Seen2024-01-22 06:10:19 Times Seen1908 Hash 5309ed40ce506ad3835aaf9cdb58936e 7f28dc0bbdc514c5facdf048c7675d982d99f8f1 a708a632a45c8428d88229a757ef59a135f2706e6dff043f11a45c4e4dbbd9b6 Loading...

	rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357	329 B	2023-05-10	2024-02-04
Pretty URL rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 22:17:03 Last Seen2024-02-04 18:18:02 Times Seen183 Hash 4c9a9cb26ff0be1ae596d884a738ea0a 8c86213c17adb91b4d8b290c5fbf9877e3902ad8 f2a31793286d483a8c1d7d18125cce9604554ecc6f4961fb776749f79f251c81 Loading...

	unknown	103 kB	2023-05-30	2023-06-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 15:15:49 Last Seen2023-06-02 10:49:34 Times Seen179 Hash 1b123fd41baea32c1eb585b61dfa974a 79e249b08f2d60b923a335f0bd061fd0e4156cf8 738289e65a303f6c32178e4a0783cd1bf807628e20e522e7d84e7e764ea49f67 Loading...

	rewardarium.com/f442b919-0a03-49ca-8c5f-5673151d3add	21 B	2023-05-02	2024-02-04
Pretty URL rewardarium.com/f442b919-0a03-49ca-8c5f-5673151d3add IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-02 01:31:34 Last Seen2024-02-04 18:18:02 Times Seen190 Hash b11a16e856ed427b41a1a9b57424ae10 02e2fbdc94b155e6fc7c35f85d2daa6d279dbabe 6aae7759a4341d69e02c86cefdf85f822416a27a9aeb5a758a70a8f8cdea5fba Loading...

	www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779	0 B	2023-03-07	2024-04-19
Pretty URL www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779 IP 52.17.88.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 18:09:44 Times Seen36965209 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (52)

URL IP Response Size

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
45c44320445221beacf6cb407a7724b0
6123b952d3ee7cd14358b82305e95c73cba0d906
ce74ba8d47e2cf668b51f8394d3a99e83bf7056e819762e55287712b46a1299b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 02:45:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 02:07:07 GMT
Expires: Mon, 05 Jun 2023 02:07:06 GMT
Etag: "6123b952d3ee7cd14358b82305e95c73cba0d906"
Cache-Control: max-age=344226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d041e660ab4b51b-OSL

datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853

37.48.68.71

2 B

URL
datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP
37.48.68.71:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1563
Origin: https://cdntechone.com
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 01 Jun 2023 02:45:08 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b53f2fcda25e30bbbf202b507fac96c
1d1cfb1765f42aba83c3b3e89417b228ed9f0b22
6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 02:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ

142.250.74.168

200 OK

89 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-F0JFDXF7TQ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (6408)
Size
89 kB (88566 bytes)
Hash
9837f3b8d2d7760deb9bb7c480cf6f8f
7fb161a398b0128c429ab126653dcc20b2b97873
a7982febac92b050e2fb8703e8da16c1418f55e29833df657c89f1e5707be4ed

HTTP Headers

GET /gtag/js?id=G-F0JFDXF7TQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 02:45:08 GMT
expires: Thu, 01 Jun 2023 02:45:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88566
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b53f2fcda25e30bbbf202b507fac96c
1d1cfb1765f42aba83c3b3e89417b228ed9f0b22
6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 02:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
23cafd2f23f997956352672f021ce6d1
732a931da2b75e53224cfa78c5ec91e7b3350532
6d0dd9e8cd03e2e41a8360321752df46523ac7463df5cbfff19961dbce3a8e6e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 02:45:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 17:19:59 GMT
Expires: Sun, 04 Jun 2023 17:19:58 GMT
Etag: "732a931da2b75e53224cfa78c5ec91e7b3350532"
Cache-Control: max-age=311818,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d041e6a8cbab51b-OSL

stootsou.net/zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_5945406&ymid=687965663505159039&var_3=

139.45.197.250

200 OK

880 B

URL GET HTTP/2
stootsou.net/zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_5945406&ymid=687965663505159039&var_3=
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT

File type
JSON data\012- , ASCII text, with very long lines (879)
Size
880 B (880 bytes)
Hash
ee62be1e7ae4899da9044737dd07e635
ab6cd84336e9426ef98fa450f2288f195bc6d826
44287053ad37f51c2f6145d391db985e5876c57c67a111c452cdfff440db2d68

HTTP Headers

GET /zone?pub=0&zone_id=5776812&is_mobile=false&domain=rewardarium.com&var=zd_5945406&ymid=687965663505159039&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 20f483af31a4811078dc655a8d9ae911
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

datatechonert.com/log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9

37.48.68.71

200 OK

12 B

URL POST HTTP/1.1
datatechonert.com/log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9
IP
37.48.68.71:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerSectigo Limited
Subjectdatatechonert.com
Fingerprint6F:17:15:C2:7F:CC:16:6C:9D:C0:AD:C3:EE:DA:69:61:8C:77:0B:5B
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=4fdc95c9-9001-4768-aac8-c1886405d3a9 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1455
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 01 Jun 2023 02:45:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://rewardarium.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

tzegilo.com/stattag.js

104.21.0.191

200 OK

6.9 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.0.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerGoogle Trust Services LLC
Subject*.tzegilo.com
FingerprintDF:12:8C:B5:F2:22:D6:BE:72:F3:C6:9A:FA:DD:9E:1F:4E:58:63:1E
ValidityTue, 11 Apr 2023 10:11:54 GMT - Mon, 10 Jul 2023 10:11:53 GMT

File type
ASCII text, with very long lines (17479), with no line terminators
Size
6.9 kB (6856 bytes)
Hash
dd2f9f2bb1e1c74b905556d0a7bc5545
0c831c8c56da8167b9e2dfd1d3eb3288348da85d
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:59 GMT
etag: W/"646736cf-4447"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsPDCmLyze1M0uDTTapaSrrXahJCXI7PE7Kt4zWDvyqIebdSJhqye1U8tXJtdZEBDYW0EaoUAqb7GAYPUMFPWiryyDH0IDL1dLXPAAOQPwY7WeIiXe4cjkWrM%2FWLcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d041e6b0a700afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
stootsou.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 547
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 67cc642648c8e78395d2e241e1f00673
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
stootsou.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 556
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b39902f01df869157d4c33a42de35c21
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

niwooghu.com/400/5776801?ymid=687965663505159039&var=zd_5945406&var3=

139.45.197.237

200 OK

32 kB

URL GET HTTP/2
niwooghu.com/400/5776801?ymid=687965663505159039&var=zd_5945406&var3=
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
32 kB (31538 bytes)
Hash
f410fc1a476eab7bf5670d3688780d82
678faab65294626a07296d48e391406fd0cfe1fa
625b7b28a025d783768772a2710bb3eb79b4e27d713a211d7f415dca9ab3ed59

HTTP Headers

GET /400/5776801?ymid=687965663505159039&var=zd_5945406&var3= HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: application/javascript
x-trace-id: 9fa13428d31720b778b2969f2f59f819
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=76dd222f0d1f464b98f30e977dc0065c; expires=Fri, 31 May 2024 02:45:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
45c44320445221beacf6cb407a7724b0
6123b952d3ee7cd14358b82305e95c73cba0d906
ce74ba8d47e2cf668b51f8394d3a99e83bf7056e819762e55287712b46a1299b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 02:45:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 02:07:07 GMT
Expires: Mon, 05 Jun 2023 02:07:06 GMT
Etag: "6123b952d3ee7cd14358b82305e95c73cba0d906"
Cache-Control: max-age=343848,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d041e6cad8eb51b-OSL

psaudous.com/4/5776779/?ymid=687965663505159039&var=zd_5945406&var3=

139.45.197.239

200 OK

11 kB

URL GET HTTP/2
psaudous.com/4/5776779/?ymid=687965663505159039&var=zd_5945406&var3=
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectpsaudous.com
Fingerprint74:1B:0B:1B:1B:A5:B9:16:B3:8D:1B:39:D1:7D:7D:00:8A:53:AB:D0
ValidityThu, 23 Mar 2023 05:13:48 GMT - Wed, 21 Jun 2023 05:13:47 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17913)
Size
11 kB (11441 bytes)
Hash
bcf31745a6ff7154b3cc879962ebe245
69d98417037e750f2acdf3d8851408d6726016b0
ff849e51b8075f771df4d27b4c2f4d2a3ef8eb962be7031478b2a11081e0988e

HTTP Headers

GET /4/5776779/?ymid=687965663505159039&var=zd_5945406&var3= HTTP/1.1
Host: psaudous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: text/html; charset=utf8
x-trace-id: 7778f64c9a72d3a9a0f7afc38b79e2e3
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=88a65fbace0349459199051c5d602358; expires=Fri, 31 May 2024 02:45:08 GMT; path=/; secure; SameSite=None
oaidts=1685587508; expires=Fri, 31 May 2024 02:45:08 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

rewardarium.com/sw.js

188.114.97.1

200 OK

2.6 kB

URL GET HTTP/3
rewardarium.com/sw.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT

File type
ASCII text, with very long lines (5235)
Size
2.6 kB (2567 bytes)
Hash
809c8f2863e519babd2dc405af277aa0
7a0f43bd8f81ef944627a6d83ced615d0eda962f
ecbb19ecba66133221ec0f3d6db1932b0507cc76f224b175768134f393e2033d

HTTP Headers

GET /sw.js HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
DNT: 1
Connection: keep-alive
Cookie: _ga_F0JFDXF7TQ=GS1.1.1685587508.1.0.1685587508.0.0.0; _ga=GA1.1.1450799899.1685587508
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"ca2bad6cb20023661b53ea682a457ede"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siXrp5lmyxMZWi%2BsHvosFprxbQJMRVgKcM2XFSGU1Odi0hIoO8jnaQkKMbZBVFe%2F2SKLahHdWGvqbq45bxmTtCzfYffpLrreChsarwd7k%2BB1YhcDGddabpetOW%2B6kS8Y%2Bq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 3838
server: cloudflare
cf-ray: 7d041e6bf9feb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.th61.com/watch?zone=5776779&var=zd_5945406&ymid=687965663505159039&s=5

172.67.146.173

200 OK

8 B

URL POST HTTP/2
i.th61.com/watch?zone=5776779&var=zd_5945406&ymid=687965663505159039&s=5
IP
172.67.146.173:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint80:B8:25:47:ED:82:D4:A7:46:25:E7:D0:EF:21:B6:EE:31:E1:D5:63
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /watch?zone=5776779&var=zd_5945406&ymid=687965663505159039&s=5 HTTP/1.1
Host: i.th61.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5E8iEFiygksPJQuAA6QmvDjg9tL%2BB2XM24cjzxq9tQTpjNM%2FYg63ffYw3q4aBvzHt3s%2Fe4gB4CCbDUBLwfI4St1v%2F66dNW7wAJ6W2nTwhllcSIRlflgOaOge6t2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d041e68cac51bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
ValidityFri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
05cff9560e0a60379056c71ad2ce67a9
6a75e3accac096a16a59f812b10bbd490041929e
5921ebad414ab92cb2803de7b5b142523fd5e9d0af4b2a3707a112641385ae6a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 606
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: c77411940f0dad2ab91cf6db312b41a4
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
stootsou.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Content-Length: 901
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e698a87c3304bad6c760b9f7bbaea448
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

psaudous.com/?z=5776779&syncedCookie=true&rhd=false

139.45.197.239

302 Found

0 B

URL POST HTTP/2
psaudous.com/?z=5776779&syncedCookie=true&rhd=false
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectpsaudous.com
Fingerprint74:1B:0B:1B:1B:A5:B9:16:B3:8D:1B:39:D1:7D:7D:00:8A:53:AB:D0
ValidityThu, 23 Mar 2023 05:13:48 GMT - Wed, 21 Jun 2023 05:13:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?z=5776779&syncedCookie=true&rhd=false HTTP/1.1
Host: psaudous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 528
Origin: https://psaudous.com
DNT: 1
Connection: keep-alive
Referer: https://psaudous.com/afu.php?zoneid=5776779&var=5776779&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false
Cookie: OAID=88a65fbace0349459199051c5d602358; oaidts=1685587508
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-length: 0
location: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
x-trace-id: b0f0c0c7974e10738e2831305db0c1bc
link: <https://www.mysexymatches.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://psaudous.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=88a65fbace0349459199051c5d602358; expires=Fri, 31 May 2024 02:45:09 GMT; path=/; secure; SameSite=None
oaidts=1685587508; expires=Fri, 31 May 2024 02:45:09 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 08 Jun 2023 02:45:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

niwooghu.com/500/5776801?excludes=&oaid=fb12886e7aed4234b3d3e93fa265c8e0&var=zd_5945406&ymid=687965663505159039&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL OPTIONS HTTP/2
niwooghu.com/500/5776801?excludes=&oaid=fb12886e7aed4234b3d3e93fa265c8e0&var=zd_5945406&ymid=687965663505159039&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/5776801?excludes=&oaid=fb12886e7aed4234b3d3e93fa265c8e0&var=zd_5945406&ymid=687965663505159039&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg

172.67.22.216

200 OK

11 kB

URL GET HTTP/2
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
11 kB (10857 bytes)
Hash
c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263

HTTP Headers

GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Thu, 01 Jun 2023 09:45:22 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 61187
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d041e6fec39b517-OSL
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/277423/1669996037/js/backoffer.js?1669996037

23.36.76.194

200 OK

430 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277423/1669996037/js/backoffer.js?1669996037
IP
23.36.76.194:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (430), with no line terminators
Size
430 B (430 bytes)
Hash
6d5aa83d23ce0b9f72d3b87d000d8fae
034fb8768eb58ffc0b5849e2c162989741a6cbec
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800

HTTP Headers

GET /landings/277423/1669996037/js/backoffer.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: wQjQ4KLZfZPl4C4F+cDGnMVIpeWXFGoN5EU5RZivmlsy4B9dTxNAY7kNXlx9wjGfAnd6nZY5JPk=
x-amz-request-id: 9HZH1FTBM5DXQVE7
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "6d5aa83d23ce0b9f72d3b87d000d8fae"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 430
Date: Thu, 01 Jun 2023 02:45:09 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277423/1669996037/js/secondofferv2.js?1669996037

23.36.76.194

200 OK

454 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277423/1669996037/js/secondofferv2.js?1669996037
IP
23.36.76.194:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text
Size
454 B (454 bytes)
Hash
9bbe216b8e526fd98d219f2b91ccaa57
3f5d1be91ba58b6501c022155fe6778ce82b1663
1c83d2863f746a234e46c5578826ceeb8cbe126bc4c274ca679295441c44b948

HTTP Headers

GET /landings/277423/1669996037/js/secondofferv2.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: TBXznBQnjCkBzBBFj9JkzFMaDIYn8xvJBUm1XIV1OQobif1haYm4G918n4r7TuaZ4fb9w7KqUB8=
x-amz-request-id: VBQAT92HF3YSW2PR
Last-Modified: Fri, 02 Dec 2022 15:47:20 GMT
ETag: "9bbe216b8e526fd98d219f2b91ccaa57"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 02:45:09 GMT
Content-Length: 454
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779

52.17.88.125

200 OK

2.8 kB

URL GET HTTP/2
www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
IP
52.17.88.125:443
ASN
#16509 AMAZON-02

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4081)
Size
2.8 kB (2767 bytes)
Hash
2650cd01afcda880bb831b976afcfc19
5d845981a99505e54b6817fe66c79925fccb3f80
3081c04a5eb7d3a357b91982c70a5b334926205778d7df20c5771e521d146606

HTTP Headers

GET /c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779 HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=6478063500026a74; Path=/; Expires=Mon, 31 Jul 2023 02:45:09 GMT; Secure; SameSite=None
unique_id2=6478063500026eed; Path=/; Expires=Wed, 30 Aug 2023 02:45:09 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Thu, 01 Jun 2023 02:45:09 GMT; Secure; SameSite=None
6478063500026eed_sl=[277423]; Path=/; Expires=Thu, 15 Jun 2023 02:45:09 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.237

200 OK

1.7 kB

URL OPTIONS HTTP/2
niwooghu.com/500/5776801?excludes=&oaid=fb12886e7aed4234b3d3e93fa265c8e0&var=zd_5945406&ymid=687965663505159039&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
1.7 kB (1737 bytes)
Hash
0489dc17c913d730f27a427c4b8a33cd
1629a141d4adf118f7bf1f43ef91800ade5d9afa
248b31cf879d752d03b1a9acc62b30f95980582ca006090825ed5d898c0678e9

HTTP Headers

GET /500/5776801?excludes=&oaid=fb12886e7aed4234b3d3e93fa265c8e0&var=zd_5945406&ymid=687965663505159039&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Content-Type: application/json
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Cookie: OAID=76dd222f0d1f464b98f30e977dc0065c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: application/javascript
x-trace-id: 036ec2be9de75688f3dd0cb29f791f2d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://rewardarium.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=fb12886e7aed4234b3d3e93fa265c8e0; expires=Fri, 31 May 2024 02:45:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/277423/1669996037/js/jquery.min.js?1669996037

23.36.76.194

200 OK

30 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277423/1669996037/js/jquery.min.js?1669996037
IP
23.36.76.194:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32065)
Size
30 kB (29855 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /landings/277423/1669996037/js/jquery.min.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: JrgOilEZ3uRoKC6ngsupgtvA0XmkXUSz0XfNR3rzF0zCH3hHZ06hF/4c6ZKPwM6mVuOMVG+QbPk=
x-amz-request-id: 9HZTD5K3AZSVMWET
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 02:45:09 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277423/1669996037/js/main.js?1669996037

23.36.76.194

200 OK

40 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277423/1669996037/js/main.js?1669996037
IP
23.36.76.194:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (568), with CRLF line terminators
Size
40 kB (40511 bytes)
Hash
a0f4da40bd81c65d824afc106743d47f
55b2d4c57fdb017314f62ac2fe8a3e287dcadf7f
e40e7cc368c897d6a3a5095fae6ccd6d9a3f88af5ef9c590f79b9fd22293ad10

HTTP Headers

GET /landings/277423/1669996037/js/main.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: g+E+f+ZbK/fcOZUXAojseAsPNRn67mWzaCqIfISD2cC6tTHSKxejVPkwtmuzMSGis2iwjqPrvFI=
x-amz-request-id: 9HZQGJ3RYAASCRS4
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "a0f4da40bd81c65d824afc106743d47f"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 02:45:09 GMT
Content-Length: 40511
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/277423/1669996037/images/bg.gif

23.36.76.194

200 OK

1.2 MB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277423/1669996037/images/bg.gif
IP
23.36.76.194:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
GIF image data, version 89a, 298 x 517\012- data
Size
1.2 MB (1235704 bytes)
Hash
24834ba3652037ba5e9dd83bfe2c5c50
955eddd177b4135779733c22c6460e78f8b68a41
50584cbf4273096c0c420aedf9c04ddc0b6651eb26d75994df7665f4191c7705

HTTP Headers

GET /landings/277423/1669996037/images/bg.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/277423/1669996037/css/stylesheet.css?1669996037
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: tG/yOycB7uc1KVXLa4AHQUnMI3lStDs13OpaZ4ApoZNGSHQTSzQc8k22EhV76yoN2rF+j0Eo6Yk=
x-amz-request-id: VBQB08MQ2M49GF38
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "24834ba3652037ba5e9dd83bfe2c5c50"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 1235704
Date: Thu, 01 Jun 2023 02:45:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ

142.250.74.168

200 OK

56 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-MLVPDTJ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (4691)
Size
56 kB (56015 bytes)
Hash
de47b8a3f51325f0d8e702ec3ebdd3ca
c07fa0e867a8c15586c33bb272cc2a12511eb1aa
cdde3b94b5dfea7dc7f64db07daf3a96711bcb8d5a6e7b1de081c838d8a3cec3

HTTP Headers

GET /gtm.js?id=GTM-MLVPDTJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 02:45:10 GMT
expires: Thu, 01 Jun 2023 02:45:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Jun 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 02:45:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 02:45:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

142.250.74.35

200 OK

10 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
ASCII text, with very long lines (35547)
Size
10 kB (10017 bytes)
Hash
0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:40:29 GMT
expires: Wed, 29 May 2024 21:40:29 GMT
cache-control: public, max-age=31536000
age: 104681
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/5.0.2/firebase-app.js

142.250.74.35

200 OK

8.6 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
ASCII text, with very long lines (25088)
Size
8.6 kB (8604 bytes)
Hash
9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931

HTTP Headers

GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:31:35 GMT
expires: Wed, 29 May 2024 17:31:35 GMT
cache-control: public, max-age=31536000
age: 119615
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1096626865

95.211.229.246

200 OK

20 B

URL GET HTTP/1.1
s.exv6.com/tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1096626865
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerLet's Encrypt
Subjectexv6.com
Fingerprint95:DF:82:34:08:E0:F8:A7:24:C5:64:DB:75:CB:C7:E5:8D:E1:4D:6E
ValidityTue, 09 May 2023 12:39:36 GMT - Mon, 07 Aug 2023 12:39:35 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=bffb3c5e28d21c389b381a46bb5cd6e6&gtmcb=1096626865 HTTP/1.1
Host: s.exv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 02:45:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71748%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-05-31%22%3B%7D%7D; expires=Fri, 31 May 2024 02:45:10 GMT; path=/; domain=.exv6.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 02:45:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

niwooghu.com/impression/ph83vL5783BFcldtYYgfZ5oXL0Lrh4CFvkJBHITGXODnSd6aqfgA8mf46rDUNQ0WOxyzMA04gMg1WuskUMHeREDRNhkmdzf-RarbKy_1Pbvt6TkFGsRSPX0uu0ObEExwmCVKUNb8Se5f5cjspsNGF-J4oiZnMFqQWzxyFea_-yQJ0iAkqhc_Af3ZXnMdZD8-7RKFf2aeOJ7n_MT8SC53sx28RfimA6IRRXsnjHo6MYavMNIenbK6DEWuC25SZGGTsEY-nK5PgNB0kzG32B6F6r68F50AztM1Telc15TcA0cjHCSl1M3wvsdPLo8dT7W6umQtpSme3xGmhtHa60pRhgpcXvPrUhmre497vdccfe2KyyMQNM65-IyWV1Dpei6ep1oeRtd2KNEHgJj_rdupb5IQ0DJXhYyXVLUXBu4QUDyj_fPjCt_1ss80rL83TTl4XlmFtbePCAP0IYeRaUUg_JOSfWYwW_-X_8VxfwH3sugK5NribM_ckzIqM9kGTjXgHhXfSddl2AfNQOe-fQ-3jGzxsiUspgbNPjwf7zDuESIZ-ZEisL3UdPa08NPc1WPgQios0uQeJMRcNmQJqZ0qeu3M0HxCn30msWup-tIU7qGTML3iLf2ojd0Pfh9pfa6f?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

43 B

URL GET HTTP/2
niwooghu.com/impression/ph83vL5783BFcldtYYgfZ5oXL0Lrh4CFvkJBHITGXODnSd6aqfgA8mf46rDUNQ0WOxyzMA04gMg1WuskUMHeREDRNhkmdzf-RarbKy_1Pbvt6TkFGsRSPX0uu0ObEExwmCVKUNb8Se5f5cjspsNGF-J4oiZnMFqQWzxyFea_-yQJ0iAkqhc_Af3ZXnMdZD8-7RKFf2aeOJ7n_MT8SC53sx28RfimA6IRRXsnjHo6MYavMNIenbK6DEWuC25SZGGTsEY-nK5PgNB0kzG32B6F6r68F50AztM1Telc15TcA0cjHCSl1M3wvsdPLo8dT7W6umQtpSme3xGmhtHa60pRhgpcXvPrUhmre497vdccfe2KyyMQNM65-IyWV1Dpei6ep1oeRtd2KNEHgJj_rdupb5IQ0DJXhYyXVLUXBu4QUDyj_fPjCt_1ss80rL83TTl4XlmFtbePCAP0IYeRaUUg_JOSfWYwW_-X_8VxfwH3sugK5NribM_ckzIqM9kGTjXgHhXfSddl2AfNQOe-fQ-3jGzxsiUspgbNPjwf7zDuESIZ-ZEisL3UdPa08NPc1WPgQios0uQeJMRcNmQJqZ0qeu3M0HxCn30msWup-tIU7qGTML3iLf2ojd0Pfh9pfa6f?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/ph83vL5783BFcldtYYgfZ5oXL0Lrh4CFvkJBHITGXODnSd6aqfgA8mf46rDUNQ0WOxyzMA04gMg1WuskUMHeREDRNhkmdzf-RarbKy_1Pbvt6TkFGsRSPX0uu0ObEExwmCVKUNb8Se5f5cjspsNGF-J4oiZnMFqQWzxyFea_-yQJ0iAkqhc_Af3ZXnMdZD8-7RKFf2aeOJ7n_MT8SC53sx28RfimA6IRRXsnjHo6MYavMNIenbK6DEWuC25SZGGTsEY-nK5PgNB0kzG32B6F6r68F50AztM1Telc15TcA0cjHCSl1M3wvsdPLo8dT7W6umQtpSme3xGmhtHa60pRhgpcXvPrUhmre497vdccfe2KyyMQNM65-IyWV1Dpei6ep1oeRtd2KNEHgJj_rdupb5IQ0DJXhYyXVLUXBu4QUDyj_fPjCt_1ss80rL83TTl4XlmFtbePCAP0IYeRaUUg_JOSfWYwW_-X_8VxfwH3sugK5NribM_ckzIqM9kGTjXgHhXfSddl2AfNQOe-fQ-3jGzxsiUspgbNPjwf7zDuESIZ-ZEisL3UdPa08NPc1WPgQios0uQeJMRcNmQJqZ0qeu3M0HxCn30msWup-tIU7qGTML3iLf2ojd0Pfh9pfa6f?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Cookie: OAID=fb12886e7aed4234b3d3e93fa265c8e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:10 GMT
content-type: image/gif
content-length: 43
x-trace-id: b5525fd2bc457d43529237d7df92dc10
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

niwooghu.com/500/5776801?excludes=16368911&oaid=fb12886e7aed4234b3d3e93fa265c8e0&var=zd_5945406&ymid=687965663505159039&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL OPTIONS HTTP/2
niwooghu.com/500/5776801?excludes=16368911&oaid=fb12886e7aed4234b3d3e93fa265c8e0&var=zd_5945406&ymid=687965663505159039&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/5776801?excludes=16368911&oaid=fb12886e7aed4234b3d3e93fa265c8e0&var=zd_5945406&ymid=687965663505159039&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:11 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg

172.67.22.216

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13093 bytes)
Hash
1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733

HTTP Headers

GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Jun 2023 02:45:11 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Thu, 01 Jun 2023 10:12:16 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 59575
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d041e7a0811b517-OSL
X-Firefox-Spdy: h2

offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg

172.67.22.216

200 OK

11 kB

URL GET HTTP/2
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
11 kB (10857 bytes)
Hash
c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263

HTTP Headers

GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Jun 2023 02:45:11 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Thu, 01 Jun 2023 09:45:22 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 61189
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d041e7a984cb517-OSL
X-Firefox-Spdy: h2

niwooghu.com/impression/baIHGPbV161l1VYMATbtm9Ed_l-NMmBVykMPhDRQbmJ4oWKPZMhvMQkxkBNQc1WSPj2ZSJhWST012KceZebn8jpxeNoFzrThgiQ7WRnYDkP2NigS2NU_Lq8Kxckzr9qYZCkM7RwVaBUVLoh2GOqWIqWBMi4BYbBpHiiGr0i1uBNbYj3xjpMG1B5jWZXIzygyVCUqrQPeWGO6Z-AZizfSDrb55HlUEFR5Xk1Gb0F83ZcfjQDmpoprK6258zgNJzlfR-bfb46zFUMvq7J6el9otI5NwZqNDr9tv5jbkvAVBebhQzZGPmnPzsaZLC0XUm90ugX9ZFj5KVUoRSI7u4SixJod9qd4_m8CP-Ut_Ud63g7BPZQLg84NgPIK88C6NfdSjA8pqgVBIQTHwJNP1ZbdzvmZkOS3RfUyoWAsW9WwU1Zx2YtcYocWVxC4y74pXt_l3rrDduNL4icVoawqpQKo-zlYEzIE8i7diEOisewEdoj6GPhPTwTQcl60FIPbrjvQgArjUrKuwjUEX2cnjMI0X_J_7_CnLbik1zwpbievd4xpcg9bIEnO_bjsMCSFCoHJLM7-_Vv5KYo1fm3ywcVF5OLRpH6ylKf4WWi4yPNzMdpMIIRLoI8h90np6mzLMiBA?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

43 B

URL GET HTTP/2
niwooghu.com/impression/baIHGPbV161l1VYMATbtm9Ed_l-NMmBVykMPhDRQbmJ4oWKPZMhvMQkxkBNQc1WSPj2ZSJhWST012KceZebn8jpxeNoFzrThgiQ7WRnYDkP2NigS2NU_Lq8Kxckzr9qYZCkM7RwVaBUVLoh2GOqWIqWBMi4BYbBpHiiGr0i1uBNbYj3xjpMG1B5jWZXIzygyVCUqrQPeWGO6Z-AZizfSDrb55HlUEFR5Xk1Gb0F83ZcfjQDmpoprK6258zgNJzlfR-bfb46zFUMvq7J6el9otI5NwZqNDr9tv5jbkvAVBebhQzZGPmnPzsaZLC0XUm90ugX9ZFj5KVUoRSI7u4SixJod9qd4_m8CP-Ut_Ud63g7BPZQLg84NgPIK88C6NfdSjA8pqgVBIQTHwJNP1ZbdzvmZkOS3RfUyoWAsW9WwU1Zx2YtcYocWVxC4y74pXt_l3rrDduNL4icVoawqpQKo-zlYEzIE8i7diEOisewEdoj6GPhPTwTQcl60FIPbrjvQgArjUrKuwjUEX2cnjMI0X_J_7_CnLbik1zwpbievd4xpcg9bIEnO_bjsMCSFCoHJLM7-_Vv5KYo1fm3ywcVF5OLRpH6ylKf4WWi4yPNzMdpMIIRLoI8h90np6mzLMiBA?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectniwooghu.com
FingerprintD6:61:D9:C1:16:B4:4D:E5:88:E3:06:BA:A2:09:52:99:B6:CE:9B:CF
ValiditySat, 06 May 2023 05:15:47 GMT - Fri, 04 Aug 2023 05:15:46 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/baIHGPbV161l1VYMATbtm9Ed_l-NMmBVykMPhDRQbmJ4oWKPZMhvMQkxkBNQc1WSPj2ZSJhWST012KceZebn8jpxeNoFzrThgiQ7WRnYDkP2NigS2NU_Lq8Kxckzr9qYZCkM7RwVaBUVLoh2GOqWIqWBMi4BYbBpHiiGr0i1uBNbYj3xjpMG1B5jWZXIzygyVCUqrQPeWGO6Z-AZizfSDrb55HlUEFR5Xk1Gb0F83ZcfjQDmpoprK6258zgNJzlfR-bfb46zFUMvq7J6el9otI5NwZqNDr9tv5jbkvAVBebhQzZGPmnPzsaZLC0XUm90ugX9ZFj5KVUoRSI7u4SixJod9qd4_m8CP-Ut_Ud63g7BPZQLg84NgPIK88C6NfdSjA8pqgVBIQTHwJNP1ZbdzvmZkOS3RfUyoWAsW9WwU1Zx2YtcYocWVxC4y74pXt_l3rrDduNL4icVoawqpQKo-zlYEzIE8i7diEOisewEdoj6GPhPTwTQcl60FIPbrjvQgArjUrKuwjUEX2cnjMI0X_J_7_CnLbik1zwpbievd4xpcg9bIEnO_bjsMCSFCoHJLM7-_Vv5KYo1fm3ywcVF5OLRpH6ylKf4WWi4yPNzMdpMIIRLoI8h90np6mzLMiBA?_z=5776801&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Frewardarium.com%2F%3Fvar%3Dzd_5945406%26ar%3D1%26pb%3D3%26ymid%3D687965663505159039%26source%3D%26ret%3Dnull%26acb%3Dproxy%26axcusid2%3DSweepstakes%26axadvid%3D3599371%26axcamid%3D9357&drf=https%3A%2F%2Fcdntechone.com%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: niwooghu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Cookie: OAID=fb12886e7aed4234b3d3e93fa265c8e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:13 GMT
content-type: image/gif
content-length: 43
x-trace-id: c2c964644e8f873a73262daf612c134c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg

172.67.22.216

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13093 bytes)
Hash
1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733

HTTP Headers

GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Jun 2023 02:45:14 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Thu, 01 Jun 2023 10:12:16 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 59578
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d041e8d496ab517-OSL
X-Firefox-Spdy: h2

rewardarium.com/favicon.ico

188.114.97.1

200 OK

27 kB

URL GET HTTP/3
rewardarium.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT

File type

Size
27 kB (27372 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
DNT: 1
Connection: keep-alive
Cookie: _ga_F0JFDXF7TQ=GS1.1.1685587508.1.0.1685587508.0.0.0; _ga=GA1.1.1450799899.1685587508
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEgtFMzmOloXx%2FvP7bUlP%2B%2F24i%2B1dQD%2FiWFFjemng4q%2B96QlXLzEUh88mj4HGYUoyzureRuhy99wlmwj16ANzZ28pmjJXICupYby%2F1SBPgFvLJQaP9R54F%2BSI0cmJLvS8Z4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7d041e6be9f7b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdntechone.com/stattag.js

188.114.97.1

200 OK

18 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17871)
Size
18 kB (18521 bytes)
Hash
0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHzHEY0WU%2FnbQ9eFVUvcViair3Mn6ytBfKLO2LotsKmvJp7R86XeEQOPUFfM2%2FcIyLpvSmQwHDAlWb7EzhmgSb4aVRg2imuH19gZGUCYHwPP4zdUOV4hwK%2FMV5WNzSWOPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d041e68cbddb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/277423/1669996037/css/stylesheet.css?1669996037

23.36.76.194

200 OK

3.7 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277423/1669996037/css/stylesheet.css?1669996037
IP
23.36.76.194:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (3923), with no line terminators
Size
3.7 kB (3725 bytes)
Hash
85b0cd56bd43303e7695f11e15348504
3f1ec59a8b25bf79d495b985cedfbecc714cd0b0
0b9b08c7f1525cca3a30596be5264332a8e5d818de64bb0354a507dff0c824d2

HTTP Headers

GET /landings/277423/1669996037/css/stylesheet.css?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: IyESBznHP7Ein0nvpfWYoHLdKF/ERsmL3RJ/hMTJ90TlFJanGi/X0MkZPhsbXrD2m2l5iVtiMdI=
x-amz-request-id: 9HZPW3V4SPRRPM3J
Last-Modified: Fri, 02 Dec 2022 15:47:19 GMT
ETag: "c4709de8c9c356021de98176f13270b3"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 02:45:09 GMT
Content-Length: 1266
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

rewardarium.com/lightning.svg

188.114.97.1

200 OK

558 B

URL GET HTTP/3
rewardarium.com/lightning.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (603), with no line terminators
Size
558 B (558 bytes)
Hash
9c0ef0f4019464092e924742904d75ea
33ed4dae960a9bfc33b63882d39e47ec431ec46d
2b810d0b2fb0339bca96276a4646b209804b992d8dbffb6e0d62651e48d97e83

HTTP Headers

GET /lightning.svg HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"9cbec3ef22e57179a0901d90b7b6e2fd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpQpBOFvDdK%2BoTU1VOGw4MJcVcW0ADzCZvxq6lrZXi3NbUQshNi8Ws0G2vDf%2BzSYkZtmHSOJbpZLXlM2I%2BE7FLYkXA9q6a%2FwLIaKpiW7R2fhsJ%2B25gwQKXTzbxRad997NKJGXrmiqMxerEFWjZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 2487
server: cloudflare
cf-ray: 7d041e68787db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

stootsou.net/pfe/current/universal.min.js?v=3.1.436

139.45.197.250

200 OK

103 kB

URL GET HTTP/2
stootsou.net/pfe/current/universal.min.js?v=3.1.436
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (103271 bytes)
Hash
1b123fd41baea32c1eb585b61dfa974a
79e249b08f2d60b923a335f0bd061fd0e4156cf8
738289e65a303f6c32178e4a0783cd1bf807628e20e522e7d84e7e764ea49f67

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.436 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:17 GMT
etag: W/"6475f019-19367"
access-control-allow-origin: https://rewardarium.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=687965663505159039&var=zd_5945406&var3=

139.45.197.250

200 OK

15 kB

URL GET HTTP/2
stootsou.net/pfe/current/tag.min.js?z=5776812&ymid=687965663505159039&var=zd_5945406&var3=
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint8B:6D:C9:76:36:ED:10:46:55:21:54:23:8C:4E:AC:7D:02:17:DD:7C
ValiditySun, 26 Mar 2023 05:17:40 GMT - Sat, 24 Jun 2023 05:17:39 GMT

File type
C source, ASCII text, with very long lines (14679), with no line terminators
Size
15 kB (14679 bytes)
Hash
dd1bd926c9d267f953b3631fa55c8597
1a37cc25c5dbeb4edd216419587df4c3f270adf0
6e021b2b21122242fa40175b8df6316a9386aa36454efd2c234e891258003d27

HTTP Headers

GET /pfe/current/tag.min.js?z=5776812&ymid=687965663505159039&var=zd_5945406&var3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:17 GMT
etag: W/"6475f019-3957"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357

188.114.97.1

200 OK

27 kB

URL User Request GET HTTP/2
rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectrewardarium.com
FingerprintE9:09:05:81:43:DE:42:13:8F:E6:CA:66:34:30:0C:F1:2C:8D:E1:7E
ValidityThu, 06 Apr 2023 14:36:16 GMT - Wed, 05 Jul 2023 14:36:15 GMT

File type

Size
27 kB (27372 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357 HTTP/1.1
Host: rewardarium.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 02:45:08 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmKY38LnqZA5gMIpBlA1xw1X03ODJh5jtEYkFqXMjziuhUKKe7FH7W%2FA1zCvrV0r4OEqB%2BQb45xHtKH0pVKJhHL%2BcRMLhw7wYJiWRLXZAqjrNRYF1OdSdyK3xcK6fVfjr%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d041e67283db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.mysexymatches.com/js/pushjs/1.0.0/utils.js

52.17.88.125

200 OK

7.1 kB

URL GET HTTP/2
www.mysexymatches.com/js/pushjs/1.0.0/utils.js
IP
52.17.88.125:443
ASN
#16509 AMAZON-02

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT

File type
C source, ASCII text, with very long lines (7334), with no line terminators
Size
7.1 kB (7071 bytes)
Hash
7df62062a027cd25d5a179c520f38668
0ddaa8cd9090908d987e0299cef74fbf7f118738
cdf93aff990bae251f609ef00d7d2bdbb56a35f003c7184ba067b5948629faa3

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Cookie: unique_id=6478063500026a74; unique_id2=6478063500026eed; 6478063500026eed_sl=[277423]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:10 GMT
content-type: application/javascript
expires: Thu, 08 Jun 2023 02:45:10 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js

52.17.88.125

200 OK

9.4 kB

URL GET HTTP/2
www.mysexymatches.com/js/pushjs/1.0.0/subscriber.js
IP
52.17.88.125:443
ASN
#16509 AMAZON-02

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerLet's Encrypt
Subject*.mysexymatches.com
Fingerprint7D:35:18:C7:41:6B:DC:68:1E:F2:FB:E0:71:F3:96:D3:FE:1A:B7:7C
ValiditySat, 20 May 2023 00:31:45 GMT - Fri, 18 Aug 2023 00:31:44 GMT

File type
C source text\012- troff or preprocessor input, ASCII text, with very long lines (9653), with no line terminators
Size
9.4 kB (9389 bytes)
Hash
84b622eb79d84a20b4fb5d3e2e122e2a
73eb77325e2b070e36f393eb4db66fa5af549ac6
514e603036c84a1e1afbc3b0eb748362dbd294f6af16bf88637d7b27f7a224dc

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.mysexymatches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Cookie: unique_id=6478063500026a74; unique_id2=6478063500026eed; 6478063500026eed_sl=[277423]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:10 GMT
content-type: application/javascript
expires: Thu, 08 Jun 2023 02:45:10 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/277423/1669996037/js/MB_push_NEW.js?1669996037

23.36.76.194

200 OK

671 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/277423/1669996037/js/MB_push_NEW.js?1669996037
IP
23.36.76.194:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.mysexymatches.com/c/9fa1e2ea536c4871?s1=181_6420036_cfa_web_NO_pop&s2=16086902&s3=5776779
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (727), with no line terminators
Size
671 B (671 bytes)
Hash
5ed737cde84f4eeb689731a237c7b451
b5266351bdc2ba2edf68ff20027702a00d484093
8fdf7803afd520142c1ccd1abb6240d2ea3d5bf079b45d0b7de7fb71778be233

HTTP Headers

GET /landings/277423/1669996037/js/MB_push_NEW.js?1669996037 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mysexymatches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: TwtcLsNEPH0+dOTQxWCH0dp8vLuCBDIrT/t2FyN4HhkY5jqf77SoMEMiHK+TLdb/FDICBNRSev0=
x-amz-request-id: 9HZQ5999SNHCV322
Last-Modified: Fri, 02 Dec 2022 15:47:20 GMT
ETag: "533a9cb9c41907529c3d603edb25d5d9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 671
Date: Thu, 01 Jun 2023 02:45:09 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://rewardarium.com/?var=zd_5945406&ar=1&pb=3&ymid=687965663505159039&source=&ret=null&acb=proxy&axcusid2=Sweepstakes&axadvid=3599371&axcamid=9357
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
b279b7ef09f0524c6f72930252af5925
a8b35e2710dca7b491bf751f1ed1ef2763751084
61cd5a49ec4bdae767d4d3edaa3dfef7d2f7c8375f044b76f2dc094a69699221

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rewardarium.com/
Origin: https://rewardarium.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 02:45:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rewardarium.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fb12886e7aed4234b3d3e93fa265c8e0; expires=Fri, 31 May 2024 02:45:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML